An Intrusion Detection System (IDS) monitors and analyzes computer network traffic to protect a system from network-based threats. An IDS reads inbound and outbound packets, searching for suspicious patterns. Malicious activity is usually reported to a Security Operations Center (SOC) or a Security Information and Event Management (SIEM) system. The Intrusion Detection System notifies administrators through alerts and sets severity levels. If the IDS is operating in IPS mode, or Intrusion Prevention System mode, it can bar the source IP address from accessing the network.
Here are five reasons why your company might need an Intrusion Detection System: