Definition: Intrusion Detection, within the context of information security, refers to a computer or network’s capability to discover unauthorized or unlawful access or traffic. Such functionality is possible using a combination of the network operating system, official security policies and a special Internet protocol known as SNMP, or Simple Network Management Protocol. Each packet’s presence in the network can essentially be verified as legitimate or unauthorized using SNMP.
Its Relevance: Knowing that unauthorized access or traffic is occurring is essential to assuring the security of an organization’s information resources. One of the main reasons is that proprietary information can be stolen without there being a “physical loss” of the data or information. Stealing research and development plans can be as simple as making a copy of them and leaving the originals in place. Quickly discovering the presence of unauthorized data packets is a security best practice and can improve an organization's overall security posture.