Network Intrusion Detection Systems (NIDS)
Aims to identify unauthorized or anomalous behavior by analyzing network traffic. The IDS processes the analyzed data and flags any suspicious traffic. Unlike a NIPS, a NIDS does not actively block network traffic. The role of a NIDS is passive: it only gathers, identifies, logs and alerts.
Host-based Intrusion Detection Systems (HIDS)
Aims to identify unauthorized or anomalous behavior on a server or workstation, usually by means of an agent installed on each system. The installed agent monitors OS and/or application activity, using a combination of signatures, rules, and heuristics to identify unauthorized activity.
Security Information/Event Management (SIEM)
Aims to provide real-time analysis of security alerts generated by network hardware and applications. Also used to log security data, generate reports for compliance purposes, and assist incident response when an incident has already happened.