If you think of intrusion detection as you would for intrusions into your home, you will find that once someone ‘breaks in’ they have destroyed much of your hard work, both physically and emotionally.
They have done damage and invaded your space.
Effectively detecting whether or not these ‘break ins’ are happening is very important for your business. Effective intrusion detection can protect confidentiality, integrity and availability resources. You have two choices here. You can go with manual intrusion detection or automated. In manual, you will need to perform searches to exam log files or look for other signs that someone has gotten in. But, with automated intrusion detection, the system will take care of the work for you allowing for a more complete exam as well as one that can be counted on and done on a timely basis. They can be host based or network based. Automated systems are generally called IDS’s. When something is found by the IDS, it will alert you that a possible intrusion has occurred. This can be done through sending an email alert, by logging relevant information or even by contacting via mobile phone or pager. It will be up to you to determine what has happened and how it happened though. Usually, intrusion detection does not prevent intrusion, nor does it fix any problems that arise due to it. But, effective intrusion detection is still necessary and relying on an automated system will make sure you are up to date as needed.
There are also many information portals now devoted to the subject and we recommend reading about it at one of these. Try googling for “intrusion detection” and you will be surprised by the abundance of information on the subject. Alternatively you may try looking on Yahoo, MSN or even a decent directory site, all are good sources of this information.