Described as a “honey pot” intrusion detection system (IDS), this Decoy Server is designed to detect, contain and monitor unauthorised access and system misuse. The vendor said the product was only likely to attract suspicious traffic, because it wasn’t a real system, and should be used as a supplement to firewalls as well as other IDS. The decoy sensor acts like a fully functioning server and can simulate email traffic between users to mirror the appearance of a live mail server. When attacks are directed at the decoy, it detects them through a series of data collection modules and records actions for analysis. Symantec Decoy Server 3.1 is distributed by Express Data and Tech Pacific.