An Intrusion Detection System (IDS) is an essential tool in every security practitioner’s arsenal. Intrusion Detection Systems are designed to gather and analyze information from networks and hosts to detect malicious activity both before and after a security breach. In this guide, you will learn about the critical components of host and network IDS, requirements to evaluate IDS solutions, as well as how AlienVault Unified Security Management (USM) meets those requirements.
Topics covered to help you evaluate IDS solutions include:
* An overview of network and host-based IDS
* Signature-based vs. anomaly-based systems
* Throughput of IDS solutions
* Protocol analysis
* Aggregation capabilities
* Integration capabilities
* Contextual enhancement
Download white paper to learn what capabilities you should consider when evaluating IDS solutions.