Local Area Network Security Next let's examine some critical functions of an IDS: · · · · · · · · 253 Can impose a greater degree of flexibility to the security infrastructure of the network Monitors the functionality of routers, including firewalls, key servers, and critical switches Can help resolve audit trails, thus often exposing problems before they lead to loss of data Can trace user activity from the network point of entry to the point of exit Can report on file integrity checks Can detect whether a system has been reconfigured by an attack Can recognize a potential attack and generate an alert Can make possible security management of a network by nonexpert staff 10. Network-Based IDS: Scope and Limitations Network-based IDS (NIDS) sensors scan network packets at the router or host level, auditing data packets and logging any suspicious packets to a log file. Figure 10.2 is an example of a NIDS. The data packets are captured by a sniffer program, which is a part of the IDS