Intrusion detection systems are often part of other security systems or software, along with the intention of protecting information systems.
IDS security works in combination with authentication measures and authorization access control, as a double line of defense against intrusion.
Firewalls and antivirus or malware software are typically configured on each individual device on a network, but as businesses grow, newer or more unknown devices such as cell phones and USBs come and go. Firewalls and anti-malware software alone are not enough to protect an entire network from attack. They act as a small part of an entire security system.
Using a full IDS as part of your security system is vital and is intended to be applied across your network in different ways.
An IDS can capture snapshots of your entire system and then use intelligence gathered from pre-established patterns to determine when an attack occurs or provide information and analysis on how an attack occurred.
Essentially, there are several components for intrusion preparation:
knowledge of potential intrusions,
prevention of potential intrusions,
knowledge of past and active intrusions, and
response to intrusion.
While it may seem "too late" once an attack has already occurred, knowing what intrusions have happened or been attempted in the past can be a vital tool in preventing future attacks. Knowing the extent of an attack's intrusion is also important in determining your response and responsibilities to stakeholders who depend on the security of your systems.
Read More: cisco intrusion prevention system