What is an Intrusion Detection System? An intrusion detection system (IDS) is a device or software application that monitors a network for malicious activity or policy violations.
Any malicious activity or violation is typically reported or collected centrally using a security information and event management system.
An Intrusion Detection System (IDS) is a technology solution that monitors inbound and outbound traffic in your network for suspicious activity and policy breaches.
As the name suggests, the primary purpose of an IDS is to detect and prevent intrusions within your IT infrastructure, then alert the relevant people.
An IDS is designed to only provide an alert about a potential incident, which enables a security operations center (SOC) analyst to investigate the event and determine whether it requires further action.
An IPS, on the other hand, takes action itself to block the attempted intrusion or otherwise remediate the incident.