A Network Intrusion Detection System (NIDS) will monitor the traffic traveling on the network segment which the system is attached. A passive NIDS is attached to a hub using a network tap or mirroring the ports on a switch to a NIDS dedicated port. The system will inspect all packets and monitor sessions without impact.
NIDS have several essential characteristics:
- Monitors network packets and traffic in real time.
- Analyzes protocols and other packet information.
- Can send alerts or terminate offending connections.
- Can integrate with firewalls and define rules.
- Monitoring data packets can be disrupted by encryption.
Host-based intrusion detection systems (HIDS) are implemented at the host level. The intrusion detection analysis is the primary difference from NIDS. The scope of the HIDS is the boundaries of the host, and increases the level of visibility and control available because of its integration with the host.
for more information about Intrusion Detection, and to be well prepared for your CISA exam – sign up for the CISA exam preparation course:
**For Instant Access, follow these simple steps
1. Go here
2. choose your username and password and create your account
3. confirm your registration, log in and receive your enrollment key to your exam preps instantly upon confirmation of your paypal transaction **