If you were under attack from a hacker, or if a malicious worm was spreading a virus through your servers silently, would you know?
If the answer is no, then perhaps it is time to introduce an Intrusion Detection System (IDS) to your network. Essentially, an IDS is a visibility tool which sits off to the side of your network, monitoring traffic at many different points, providing you with end-to-end visibility into the security posture of your network. In the hands of your security team, it will help them uncover security policy violations, infections, data loss and configuration errors.
In most cases, we can also integrate an Intrusion Prevention System (IPS) into the installation of an IDS on your network. Similar to an IDS, an IPS monitors and scans traffic, but has the added ability of being able to take immediate action, based on a set of rules established by the administrator. This could involve dropping a packet that it determines to be malicious.
Both an IDS and IPS are beneficial additions to your security controls, giving you better visibility and control of your network.