Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) are network security technologies that monitor network traffic for suspicious activities, policy violations and known attack signatures. An IDS passively monitors and alerts security teams when potential threats are detected, while an IPS sits inline with network traffic and can automatically block or reject malicious packets in real time, providing an active defence layer beyond traditional firewalls.
IDS/IPS solutions are fundamental components of a defence-in-depth security strategy and are required or recommended by compliance frameworks including ISO 27001, PCI DSS and SOC 2. Modern systems combine signature-based detection with anomaly-based analysis and machine learning to identify both known threats and novel attack patterns, while generating the detailed logging and alerting data that compliance auditors need to verify that effective network security monitoring is in place.
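The sketch below is an added example, not code from any IDS/IPS product: it runs the same signature and anomaly checks over constructed traffic records in passive (IDS) and inline (IPS) mode, to show that the alerts are identical and only the forwarding decision differs. The rule names, the port fan-out threshold and the sample events are assumptions made for illustration.

```python
import re

# Hypothetical signature rules: name -> pattern matched against the request line.
SIGNATURES = {
    "SIG path-traversal": re.compile(r"\.\./"),
    "SIG sql-injection-probe": re.compile(r"(?i)union\s+select"),
}
# Hypothetical anomaly rule: one source touching more distinct ports than this.
PORT_FANOUT_LIMIT = 5

# Constructed sample traffic: (source IP, destination port, request line or "").
EVENTS = (
    [("198.51.100.7", 443, "GET /index.html HTTP/1.1"),
     ("203.0.113.9", 80, "GET /files?name=../../secret.txt HTTP/1.1")]
    + [("192.0.2.50", p, "") for p in (21, 22, 23, 25, 80, 110, 143)]
    + [("203.0.113.9", 80, "GET /item?id=1 UNION SELECT 1 HTTP/1.1"),
       ("198.51.100.7", 443, "POST /login HTTP/1.1")]
)

def inspect(events, mode):
    """Return (alerts, forwarded). mode='ids' alerts only; mode='ips' also drops."""
    alerts, forwarded, ports_seen = [], [], {}
    for src, dport, payload in events:
        # Signature-based detection: known patterns in the payload.
        reasons = [name for name, rx in SIGNATURES.items() if rx.search(payload)]
        # Anomaly-based detection: behaviour that deviates from the expected
        # profile even though no individual packet matches a signature.
        ports_seen.setdefault(src, set()).add(dport)
        if len(ports_seen[src]) > PORT_FANOUT_LIMIT:
            reasons.append("ANOM port-fanout")
        if reasons:
            alerts.append((src, dport, reasons))
            if mode == "ips":
                continue  # inline: the packet is dropped, not forwarded
        forwarded.append((src, dport, payload))
    return alerts, forwarded

if __name__ == "__main__":
    for mode in ("ids", "ips"):
        alerts, forwarded = inspect(EVENTS, mode)
        print(f"{mode}: {len(alerts)} alerts, "
              f"{len(forwarded)}/{len(EVENTS)} events forwarded")
        for src, dport, reasons in alerts:
            print(f"  {src}:{dport} {', '.join(reasons)}")
```

Note that the first five probes from the scanning source are forwarded in both modes, because the anomaly rule only fires once the threshold is crossed; tuning that threshold trades detection delay against false positives.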