Intrusion Detection Systems

Intrusion Detection Systems Overview

What are Intrusion Detection Systems?

Intrusion detection systems (IDS) are software products that monitor network or system activities, and analyze them for signs of any violations of policy, acceptable use, or standard security practices. They then report any malicious activities or policy violations to system administrators.

Intrusion detection systems are concerned primarily with identifying potential incidents and logging information about them and notifying administrators of observed events. However some systems, usually called instruction prevention systems, actively try to prevent intrusion threats from succeeding.

Types of Intrusion Detection Software

  • Network-based systems: Network-based systems monitor network traffic for network segments or devices to identify suspicious activity
  • Wireless monitoring: Wireless systems monitor wireless network traffic and analyze it to identify suspicious activity involving wireless networking protocols
  • Network behavior analysis: Network behavior analysis systems monitor network traffic to identify threats generating unusual traffic flows like denial of service attacks, malware or policy violations
  • Host-based systems: Host-based systems monitor the characteristics of a single host and events occurring within that host

Intrusion Detection Products

(1-25 of 43) Sorted by Most Reviews

AlienVault USM
642 ratings
377 reviews
Top Rated
AlienVault® Unified Security Management® (USM) delivers threat detection, incident response, and compliance management in one unified platform. It is designed to combine all the essential security capabilities needed for effective security monitoring across cloud and on-premises environments, inclu…
CrowdStrike Falcon Endpoint Protection
24 ratings
7 reviews
CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no performance…
AlienVault OSSIM
18 ratings
7 reviews
OSSIM leverages the power of the AlienVault Open Threat Exchange by allowing users to both contribute and receive real-time information about malicious hosts. AlienVault OSSIM is an open source Security Information and Event Management (SIEM) product. It is a unified platform providing: Asset discov…
Juniper SRX
18 ratings
5 reviews
Juniper SRX is a firewall offering. It provides a variety of modular features, scaled for enterprise-level use, based on a 3-in-1 OS that enables routing, switching, and security in each product.
Cisco Firepower NGIPS (formerly Sourcefire 3D)
8 ratings
4 reviews
Cisco Firepower Next-Generation Intrusion Prevention System (NGIPS) is an intrusion detection response system that produces security data and enhances the analysis by InsightOps. The technology replaces the former Sourcefire 3D IPS. Cisco acquired Sourcefire in 2013.
Proofpoint Advanced Threat Protection
14 ratings
4 reviews
Proofpoint Advanced Threat Detection is a suite of threat detection products including Attack Protection for Email, SaaS applications, Mobile Defense, Threat Response, and Threat Intelligence.
RackFoundry Total Security Management
7 ratings
3 reviews
RackFoundry Total Security Management offers a complete firewall solution. It includes VPN, SIEM, automated vulnerability scanning and log management features scaled for SME’s.
Intrusion Detection, part of Alert Logic Professional
7 ratings
3 reviews
Alert Logic's Network Intrusion Detection System (IDS), formerly available as Alert Logic Threat Manager, SIEMlessly detects and responds to threats with the company's Intrusion Detection System software, now available as part of the Professional & Enterprise tiers of Alert Logic's MDR service.
16 ratings
3 reviews
Sourcefire developed Snort, an open source intrusion prevention system capable of real-time traffic analysis and packet logging. Snort was acquired (and is now supported) by Cisco in 2013.
Cisco IPS Sensor (Discontinued)
6 ratings
2 reviews
Cisco IPS Sensors have reached EOL, and EOS.
Palo Alto Networks URL Filtering PAN-DB
12 ratings
2 reviews
The majority of attacks and exposure to malicious content occurs during the normal course of web browsing activities, which requires the ability to allow safe, secure web access for all users. URL Filtering with PAN-DB automatically prevents attacks that leverage the web as an attack vector,…
1 ratings
1 reviews
Endgame is an endpoint security platform that unifies prevention, detection, and threat hunting to stop known and unknown attacker behaviors with a single agent.
McAfee Network Security Platform
5 ratings
1 reviews
McAfee Network Security Platform is an intrusion detection and prevention system (IDPS).
Trend Micro TippingPoint Threat Protection System (TPS)
6 ratings
1 reviews
The TippingPoint Threat Protection System (TPS) from Trend Micro is an intrusion detection and prevention system.
Tripwire Enterprise
7 ratings
1 reviews
Tripwire Enterprise, from Tripwire in Portland, Oregon, is an intrusion detection/prevention system.
Palo Alto Networks Threat Protection
11 ratings
1 reviews
Threats do not discriminate between application delivery vectors, requiring an approach that has full visibility into all application traffic, including SSL encrypted content, with full user context. Threat Prevention leverages the visibility of our next-generation firewall to inspect all tr…
V-Key from the company of the same name in Redwood City, California, is an intrusion detection / protection system.
Juniper NetScreen IDP (discontinued)
Juniper IDP and the Juniper NetScreen IDP appliances, from Juniper Networks, were a product line providing security and intrusion detection / prevention. They reached end of life in 2018 and are no longer made or supported.
Fidelis Elevate
Fidelis Cybersecurity offers Elevate, the company's flagship threat prevention and detection platform that encompasses three modules, Fidelis Network Module which provides threat detection and network visibility, Fidelis Deception which is based on technology acquired with TopSpin Security in 2017 t…
Dtex is a threat detection security product, that uses behavior intelligence to uncover both internal and external threats.
OPSWAT Metadefender is a vulnerability management security product comprising vulnerability assessment, data cleansing, malware engines, and customized security policies.
LookingGlass Cyber Solutions
LookingGlass Cyber Solutions is a threat protection solution protecting against cyber attacks to global enterprises and government agencies The product is augmented by a team of security analysts who enrich the data feeds and provide timely insights to customers of potential risks.
Ziften Zenith
Ziften in Austin, Texas offers Zenith, an application dedicated to providing visibility into user application activity across all managed devices for the purpose of intrusion and malicious behavior detection.
F-Secure Rapid Detection Service
F-Secure offers Rapid Detection Service, their flagship intrusion detection platform featuring live support and observation of activity for anomalies and potential threats.
The Illusive Deception Management System
Illusive Networks, headquartered in Tel Aviv, offers the Illusive Deception Management System, which uses machine learning to predict cyber attack vectors and, in an unusual approach, introduce deceptions across the network to confuse, frustrate, and ultimately thwart attackers.