The NIDS sits on the control center local area network, to identify attacks against the control servers and the human-machine interface (HMI), and on the demilitarized zone (DMZ), to identify attacks against decision support servers (DSSs), Web servers, and other systems that users on the enterprise can access.