IDSs (Intrusion Detection Systems) on our network to capture and alert on traffic seen as malicious.
They can be categorized into 2 types, with 2 different approaches to identifying malicious traffic.

Types:
- Network based: placed on a network segment (a switch port in promiscuous mode).
- Host based: on a client, normally a server or workstation.

Approaches:
- Signature (pattern) matching: similar to antivirus, it matches traffic against a long list of
  known malicious traffic patterns.
- Heuristic (behavioral) based: uses a baseline of normal traffic patterns to monitor for abnormal
  traffic.
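
The two detection approaches, contrasted on constructed traffic. This is an added example, not part of the original notes: the signature list, host addresses, request counts and the z-score threshold are all assumptions chosen for illustration.

```python
import re
from statistics import mean, stdev

# Constructed signature list (illustrative patterns, not a real ruleset).
SIGNATURES = {
    "path-traversal": re.compile(rb"\.\./\.\./"),
    "sqli-tautology": re.compile(rb"(?i)'\s*or\s+1=1"),
}

def signature_alerts(packets):
    """Signature approach: flag any payload matching a known-bad pattern."""
    alerts = []
    for src, payload in packets:
        for name, pattern in SIGNATURES.items():
            if pattern.search(payload):
                alerts.append((src, name))
    return alerts

def build_baseline(history):
    """Heuristic approach, step 1: learn normal requests/minute per host."""
    return {host: (mean(counts), stdev(counts)) for host, counts in history.items()}

def anomaly_alerts(baseline, observed, threshold=3.0):
    """Heuristic approach, step 2: flag hosts far above their own baseline."""
    alerts = []
    for host, count in observed.items():
        if host not in baseline:
            alerts.append((host, "no-baseline"))  # never seen during learning
            continue
        mu, sigma = baseline[host]
        z = (count - mu) / (sigma or 1.0)  # guard against a flat baseline
        if z > threshold:
            alerts.append((host, f"rate z={z:.1f}"))
    return alerts

# Constructed sample data: payloads seen now, and per-minute request history.
PACKETS = [
    ("10.0.0.5", b"GET /index.html HTTP/1.1"),
    ("10.0.0.9", b"GET /download?file=../../etc/hosts HTTP/1.1"),
    ("10.0.0.7", b"GET /search?q=widgets HTTP/1.1"),
]
HISTORY = {"10.0.0.5": [20, 22, 19, 21, 18], "10.0.0.7": [30, 28, 31, 29, 32]}
OBSERVED = {"10.0.0.5": 21, "10.0.0.7": 400, "10.0.0.9": 1}

if __name__ == "__main__":
    print("signature:", signature_alerts(PACKETS))
    print("heuristic:", anomaly_alerts(build_baseline(HISTORY), OBSERVED))
```

Host 10.0.0.7 sends payloads that match no signature, so only the baseline comparison flags it. The signature engine in turn names the exact pattern seen from 10.0.0.9, which the behavioral check can only report as a host without a baseline.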