This overcomes the blindness that Snort has to obtain signatures break up in excess of quite a few TCP packets. Suricata waits until finally all of the data in packets is assembled ahead of it moves the knowledge into analysis. A NNIDS also analyzes the packets that go through it. https://rylanhkkll.blogrelation.com/39613379/the-best-side-of-ids
