Intrusion detection system (IDS)

An intrusion discovery mechanism used by IDS. Behavior- based detection finds out about the normal activities and events on your system through watching and learning. Once it has accumulated enough data about normal activity, it can detect abnormal and possible malicious activities and events. Also known as statistical intrusion detection, anomaly detection, and heuristics-based detection.
[view]

A security device that includes traditional functions of a firewall such as packet filtering and stateful inspection. It is able to perform packet inspection techniques, allowing it to identify and block malicious traffic. It can filter malware using definition files and/or whitelists and blacklists. It also includes intrusion- detection and/or intrusion-prevention capabilities. Aka next-generation firewall.
[view]

A firewall that evaluates the state or the context of network traffic. By examining source and destination address, application usage, source of origin, and relationship between current packets with the previous packets of the same session, stateful inspection firewalls are able to grant a broader range of access for authorized users and activities and actively watch for and block unauthorized users and activities. Stateful inspection firewalls are known as third-generation firewalls.
[view]

The final inspection to determine whether or not a facility or system meets the specified technical and performance standards. Note: This inspection is held immediately after facility and software testing, and is the basis for commissioning or accepting the information system.
[view]

An access control deployed to discover unwanted or unauthorized activity. Examples of detective access controls include security guards, supervision of users, incident investigations, and intrusion detection systems (IDSs).
[view]