Monitored Intrusion Detection Systems

Most enterprise networks are protected from the Internet by firewalls. While firewall protections are essential, they rarely identify types of attacks, or attacks on allowed services. Intrusion Detection Systems (IDS) allow administrators to detect and respond to these attacks. However, IDS are of limited use without monitoring. Monitored Intrusion Detection Systems (MIDS) offer real-time detection and response to attacks, including dynamic blocking, complaints to ISPs, and report generation. MIDS are not an alternative to firewalls, they are an essential complement to them. Due to the extensive reporting built into them, they also serve as effective deterrents to attack.

Download the paper in PDF format here.