The current state of Intrusion Detection Systems(IDS) would have to be considered fairly mature. The market for IDS and Intrusion Prevention Systems (IPS) is a large percentage of the $14 billion security software[1] industry with dozens of vendors and service providers worldwide. The functionality provided by these systems can be broken down into three broad categories:

Perimeter control – monitoring and restricting access from the outside world to internal networks; detecting and reacting to anomalous traffic patterns.

Host access control – setting authentication and authorization parameters for users of systems and services.

Change control mechanisms - requiring that any modifications and updates to production systems be reviewed and approved and that implementation and recovery plans are in place.

This document is in PDF format. To view it click here.