Intrusion Detection/Intrusion Prevention
Armor’s host-based IDS/IPS monitors your traffic in and out of the host server or instance. All event data collected by host-based IDS/IPS is integrated with data collected by other security appliances monitored by Armor and correlated to identify and block suspicious patterns and behavior.

Block Intrusions at the Point of Attack
Armor’s enterprise-class host-based IDS/IPS performs traffic analysis to detect and block threats and alert on suspicious activity.
Defense in Depth for Your Cloud Workloads
Armor’s host-based IDS/IPS is one part of an integrated suite of security capabilities to provider powerful defense-in-depth protection for your workloads
Audit-Ready Compliance
Host-based IDS/IPS capabilities help you meet key controls for major compliance frameworks such as PCI DSS, HIPAA/HITRUST and GDPR.
How it Works
With visibility to inbound and outbound activity at the host, Armor inspects anomalous traffic against predefined policies – detecting and blocking attacks like generic SQL injections, generic XSS attacks, DoS, and generic web app effects.
The host-based IDS/IPS has two modes – Detection and Prevention – allowing operators such as DevOps practitioners and security analysts to select their preferred setting.

Your Window into the Cloud Security Platform – The Armor Management Portal
Simple to navigate and easy to use, The Armor Management Portal gives you:
- Unified Visibility of Assets Across Your Environments
- Deep Visibility into Integrated Tools, Detections and Response Guidance
- Advanced Log Search and Data Visualization Capabilities