Unlike a SIEM that monitors your organization's data on a large scale, intrusion detection systems (IDS) and intrusion prevention systems (IPS) are a customized solution for your data.

IDS/IPS is the process of monitoring your network traffic and analyzing it for signs of potential intrusion, such as exploitation attempts and incidents that may pose perceived threats to your network.

It had two types of installation:

  • Host-Based IDS/IPS;
  • Network-Based IDS/IPS;