Weekly Writeup for AC233 Database Communication and Management
Computer Times Business Computing "A Second Line of Defence"
The above article reports on how an intrusion detection system (IDS) can 'keep an eye on' a network that may be a target for hackers or unauthorised access. The concept of an IDS is similar to a closed-circuit camera that watches over a property to catch illegal intruders. Its usefulness stems from the IDS's ability to detect unauthorised access to system resources and suspicious activities occurring within the network. The article introduces the different types of IDS and their inherent limitations.
There are two main types of IDS: host-based and network-based. A host-based IDS resides on critical servers to monitor any activities that may jeopardise the organisation's data resources. A network IDS scrutinises network traffic to sieve out suspicious transactions that may warrant investigation. Thus, such a pre-emptive approach can improve damage control in the event of intrusion or unauthorised access. An IDS deployed across the network eases the security officer's job by giving him a unified view of the whole situation, consequently reducing the risk of attacks by hackers or unauthorised access.
When deploying an IDS, it is important to consider where sensitive information and mission-critical data are held, so as to make the best use of this technical utility in safeguarding information assets. An IDS should ideally guard key points of entry into the network and also be placed behind firewalls.
Data security threats will increasingly exist on communication links from the external environment as more organisations empower their personnel with data and form distributed, accessible networks for information retrieval. An IDS can be a useful second line of defence in the face of such trends and the need to protect data. However, inherent limitations such as complexity of deployment (in a switched network), the specialised knowledge required for deployment and high network demands may be barriers to realising its perceived usefulness.
Recently, major e-commerce sites like Yahoo and Amazon.com fell prey to pranksters who sent huge data packets to disrupt these websites' operational status. Perhaps with an IDS the security administrators could better respond to such threats and reduce downtime to a minimum.
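To make the network-based approach concrete, the following is an added example (not taken from the article) of how a network IDS could flag the kind of data flood described above: it keeps a sliding window of bytes received from each source and raises one alert per burst. The window length, byte threshold, addresses and traffic records are all constructed assumptions.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 10        # assumed sliding-window length
BYTES_THRESHOLD = 50_000   # assumed per-source byte budget inside one window

# Constructed sample traffic seen at the network entry point:
# (timestamp in seconds, source address, packet size in bytes).
SAMPLE_PACKETS = (
    # An ordinary client sending a small request every two seconds.
    [(t, "198.51.100.5", 1500) for t in range(0, 40, 2)]
    # A source sending large packets in two separate bursts.
    + [(t, "203.0.113.9", 20000) for t in (3, 4, 5, 6, 30, 31, 32)]
)


def detect_floods(packets, window=WINDOW_SECONDS, threshold=BYTES_THRESHOLD):
    """Return (time, source, bytes_in_window) alerts, one per source per burst."""
    recent = defaultdict(deque)   # source -> packets still inside the window
    totals = defaultdict(int)     # source -> bytes currently inside the window
    alerting = set()              # sources already reported for this burst
    alerts = []
    for ts, src, size in sorted(packets):
        queue = recent[src]
        queue.append((ts, size))
        totals[src] += size
        # Drop packets that have aged out of the sliding window.
        while queue and queue[0][0] <= ts - window:
            _, old_size = queue.popleft()
            totals[src] -= old_size
        if totals[src] > threshold:
            if src not in alerting:   # report once, not for every packet
                alerting.add(src)
                alerts.append((ts, src, totals[src]))
        else:
            alerting.discard(src)     # burst is over; re-arm for the next one
    return alerts


if __name__ == "__main__":
    for ts, src, seen in detect_floods(SAMPLE_PACKETS):
        print(f"t={ts}s ALERT {src} sent {seen} bytes within {WINDOW_SECONDS}s")
```

Reporting once per burst rather than once per packet keeps the alert volume manageable for the security officer.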