Skip to main content

Application IDS

A host IDS/IPS would normally concentrate on protecting the hosts Operating System, as the name suggests an application IDS/IPS will work solely with the application itself.  They tend to be tailored to a specific product, such as, Microsoft Internet Information Server (IIS) within application groups that provide externally visible services such as Webservers, Databases and Mailservers. An IDS will report when nefarious activity is detected most usually using logs generated by the application, whilst an Application IPS will not only detect such activity but also block it, protecting the application from attack.