In this case, a NIDS or NIPS will not prevent malicious traffic, because traffic between virtual machines on the same physical machine may not be transmitted on network devices. Because of this, we need Host Intrusion PROTECTION Systems (HIPS).
An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any malicious activity or violation is typically reported either to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system combines outputs from multiple sources, and uses alarm filtering techniques to distinguish malicious activity from false alarms.
While there are several types of IDS, ranging in …