Description
Network traffic can be inspected for suspicious patterns, known attacks, and policy violations with a lightweight intrusion detection and prevention engine. This is useful for administrators who monitor gateways, servers, lab networks, or security sensors.
The software can observe and sometimes block traffic depending on configuration. It should be deployed by users who understand packet capture, rules, privacy implications, and the risk of disrupting legitimate network activity.