An intrusion prevention system (IPS) is a system that monitors a network for malicious activities such as security threats or policy violations. The main function of an IPS is to identify suspicious activity, and then log information, attempt to block the activity, and then finally to report it.
Intrusion prevention systems are also known as intrusion detection prevention systems (IDPS).
An IPS can be either implemented as a hardware device or software. Ideally (or theoretically) and IPS is based on a simple principle that dirty traffic goes in and clean traffic comes out.
Intrusion prevention systems are basically extensions of intrusion detection systems. The major difference lies in the fact that, unlike intrusion detection systems, intrusion prevention systems are installed are able to actively block or prevent intrusions that are detected. For example, an IPS can drop malicious packets, blocking the traffic an offending IP address, etc.
Intrusion prevention systems are also known as intrusion detection prevention systems (IDPS).
An IPS can be either implemented as a hardware device or software. Ideally (or theoretically) and IPS is based on a simple principle that dirty traffic goes in and clean traffic comes out.
Intrusion prevention systems are basically extensions of intrusion detection systems. The major difference lies in the fact that, unlike intrusion detection systems, intrusion prevention systems are installed are able to actively block or prevent intrusions that are detected. For example, an IPS can drop malicious packets, blocking the traffic an offending IP address, etc.
0 Comments