Network-based intrusion detection systems (nids) are placed at a strategic point (or points) to monitor the traffic on the network. It analyzes the passing traffic on the entire subnet, and matches the traffic that is passed on the subnets to the library of known attacks. When an attack is identified, or abnormal behavior is detected, an alert is sent to the administrator. Opnet and Netsim are commonly used tools for simulation network intrusion detection systems.