Organizations continue to deploy firewalls as their central gatekeepers to prevent unauthorized users from entering their networks. However, network security is in many ways similar to physical security in that no one technology serves all needs - rather, a layered defense provides the best results. Organizations are increasingly looking to additional security technologies to counter risk and vulnerability that firewalls alone cannot address. Intrusion detection systems provide around-the-clock network surveillance. They analyze the packet data streams within the network, searching for unauthorized activity, such as attacks by hackers, enabling users to respond immediately to security breaches. Using a physical analogy, IDS systems are equivalent to video cameras and motion sensors; they detect unauthorized or suspicious activity.Cisco Systems, the worldwide leader in networking for the Internet, addresses the need for intrusion detection in switched local-area network (LANs) with an integrated solution with the IDS module, in addition to the complete family of Cisco Secure IDS appliance sensors, for its award-winning, high-performance Catalyst 6000 switch series. The IDS module allows security and network administrators to monitor network traffic right off the switch backplane rather than using external IDS sensors connected to a switch SPAN port. This allows more granular access to the network traffic and overcomes some of the limitations that external IDS sensors connected to SPAN ports have. Similar to how the Cisco Secure IDS appliance sensors operate, the IDS module detects unauthorized activity traversing the network, such as attacks by hackers, and will send alarms to a management console with details of the detected event. The security or network administrator specifies the network traffic that must be inspected by the IDS module using the Catalyst OS virtual LAN (VLAN) access control list (ACL) capture feature or SPAN functionality, allowing for very granular traffic monitoring. In addition, the IDS module can be managed and monitored by the same management console as the Cisco Secure IDS sensors, allowing customers to deploy both appliance sensors and the IDS module to monitor critical subnets throughout their enterprise network.