Distributed Intrusion Detection Service (IDS) monitors network traffic on the host for suspicious activity.
IDS detects intrusion attempts based on already known malicious instruction sequences. The detected patterns in the IDS are known as signatures. Specific signatures can be excluded from intrusion detection.
Note: Do not enable Distributed Intrusion Detection Service (IDS) in an environment that is using Distributed Load Balancer.
NSX-T Data Center does not support using IDS with a Distributed Load Balancer.
Distributed IDS Configuration:
- Enable IDS on hosts, download latest signature set, and configure signature settings. Distributed IDS Settings and Signatures
- Create IDS profiles. Distributed IDS Profiles
- Create IDS rules. Distributed IDS Rules
- Verify IDS status on hosts. Verify Distributed IDS Status on Host