Date: 2020-12-09

In the early 1990s, commercial implementation of intrusion detection technologies commenced. Haystack Labs, with its Stalker line of host-based devices, was the first commercial provider of IDS software. SAIC also developed a form of host-based intrusion detection called the Computer Misuse Detection System (CMDS). At the same time, the Automated Security Measurement System (ASIM) was developed by the Air Force’s Cryptologic Support Centre to track internet traffic on the US Air Force’s network.

Only around 1997 did the intrusion detection field start to gain traction and bring in substantial revenue. That same year, the security industry leader ISS released a network intrusion detection system called RealSecure. A year later, Cisco realized the value of detecting network intrusion and acquired the WheelGroup, gaining a security solution that it could offer its customers. Consequently, Centrex Corporation, the first recognizable host-based intrusion detection organization, emerged from the merger of Haystack Labs’ development staff and the dismissal of SAIC’s CMDS team. From there, the commercial IDS industry extended its market base, and a roller-coaster ride of start-up firms, mergers and acquisitions followed.

Network intrusions have become the norm today. Phishing attacks are an industry worth USD 5.3 billion and, as per the FBI, attacks are projected to reach USD 9 billion in 2020. Security techniques such as network intrusion detection and prevention systems (IDPS) are responsible for spotting intruders before they can do significant harm.

Some newer technologies use artificial intelligence and machine learning algorithms to help establish a baseline of normal operation and minimize the false positive rate. To benefit from the advantages of both methods, many solutions combine signature-based detection and anomaly-based detection.

Factors such as the attributes of the network environment, the goals and objectives for use of an IDPS, and existing organizational security strategies need to be considered when deciding which type of intrusion detection and prevention system an enterprise can use. In the end, two types of IDS/IPS exist: network-based and host-based. A network-based IDPS operates on network segments, such as a wireless network or some other network that is chosen. A host-based IDPS, on the other hand, operates on servers.

Today, several enterprises in the global market have diverse environments, which makes it a must to implement more than one type of intrusion detection and prevention system. However, it is important to thoroughly analyze the enterprise’s needs before incorporating various types of IDPS solutions. Regardless of which type of intrusion detection and prevention system an organization uses, it is a critical component of the cybersecurity approach. Putting a robust IDPS in place is a must to counter the evolving attacks all organizations are facing.

