This chapter discusses network security devices and infrastructure, including firewalls, VPNs, intrusion detection systems, and network-based and host-based intrusion detection. It covers the primary approaches used by intrusion detection systems such as behavior-based detection, signature-based detection, anomaly detection, and heuristic detection. The chapter also discusses passive responses like logging and notification as well as active responses like terminating processes, network configuration changes, and deception. Additionally, it mentions network intrusion prevention systems and other security-related devices.