An intrusion prevention system (IPS) is a device that monitors traffic on a network for malicious or unwanted behavior. It can react and stop a threat before it is able to do damage to any computer or server on your network. When an attack is detected, it can drop the offending packets while still allowing safe packets to flow on the network. Intrusion prevention grew out of the older intrusion detection systems (IDS), which only raised alerts about malicious traffic but did nothing to stop it.
Intrusion prevention systems got a slow start, mainly because network administrators were hesitant to install a device that could potentially stop good traffic. As the technology has progressed and false positives have become controllable, these devices have become a mainstay for organizations striving to protect their networks. These types of systems are now being integrated into Unified Threat Management (UTM) devices, which function as firewall, intrusion prevention, and spam filtering devices.
There are different types of IPS: host-based, content-based, protocol-based, and rate-based. Look for further articles describing each of these types in the near future.
Examples of vendors of these types of systems are:
Check Point, ISS, Cisco, and many others.