There are many types of intrusion detections systems being deployed today. Each type has its own set of advantages. The z/OS Communications Server provides an integrated Intrusion Detection Service (IDS) for TCP/IP. Using the IDS, the Communications Server exploits its position as a communications endpoint in order to detect attacks on z/OS that otherwise might go undetected by traditional network-based intrusion detection systems. This session will describe the Communications Server IDS and how it may be used to detect intrusion attempts against z/OS. The session will cover the IDS architecture, types of attacks detected, the defensive and notification actions that occur when an intrusion attempt is detected, and IDS policy configuration using the zIDS Manager.