• Home
• Topics
• Network Security
• Network Security Best Practices and Products
• Intrusion detection vs. intrusion prevention

Intrusion detection vs. intrusion prevention

Requires Free Membership to View

Login

• E-mail Address: 

By submitting your registration information to SearchNetworking.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchNetworking.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

At a simple level, it's the difference between detection and prevention. IDS products are designed to inform you that something is trying to get into your system where IPS products actually attempt to prevent access.

Both IDS and IPS are designed for different purposes, but their technologies are similar. IDS is best used in situations where there is a need to explain what happened in an attack, whereas IPS stops attacks. An IDS system collects a lot of information that is not actionable from an IPS perspective, such as port scans and other reconnaissance.

An IDS analyzes traffic by comparing traffic to information in its database that contains patterns, called "signatures," found in known exploits. If certain traffic matches a pattern seen in an exploit, the IDS will send an alert to an administrator who can then take action to prevent the exploit or minimize the damage. IPS operates similar to IDS with one critical difference: IPS can block the attack itself; while an IDS sits outside the line of traffic and observes, an IPS sits directly in line of network traffic. Any traffic the IPS identifies as malicious is prevented from entering the network.

Check out TechTarget's IDS/IPS resources.

Dig Deeper

This was first published in November 2006

More from Related TechTarget Sites

• Enterprise WAN
• Unified Communications
• Mobile Computing
• Data Center
• Networking Channel

• Enterprise WAN

  • How to calculate the cost of VPN links

    Do you need to upgrade the bandwidth of your virtual private network (VPN)? Calculating link capacity will help control the cost of VPN links.

  • WAN optimization Magic Quadrant: Bandwidth management is an old hat

    WAN optimization has evolved beyond bandwidth management, according to Gartner's new Magic Quadrant: Enterprises need cloud and mobile optimization.

  • Hardware vs. software VPNs: Choose the right enterprise solution

    Deciding between hardware vs. software VPNs is the first step in narrowing down the best VPN solution for your enterprise.

• Unified Communications

  • SIP Forum to showcase SIP trunking interoperability for enterprises

    The SIP Forum has announced SIPconnect-IT, a live testing initiative for SIP trunking interoperability, which could lower SIP trunking costs and complexity.

  • TCO metrics key, but complex in IP telephony systems deployment

    Total cost of ownership (TCO) metrics for new IP telephony systems are often overlooked by enterprises, according to a new study, but other factors rank high in importance.

  • Avaya introduces iPad mobile UC appliation as mobility interest grows

    With mobile unified communications a major priority for enterprises in 2012, Avaya has launched a mobile UC product for the iPad.

• Mobile Computing

  • Bringing BYOD to your enterprise

    Bring your own device (BYOD) can be a boon for both employees and enterprises, but clear policies and management tools are needed.

  • Meeting technical requirements for mobile health care deployments

    IT departments deploying mobile health care solutions must ensure that using mobile devices in health care settings doesn't violate federal laws or compromise security.

  • Making the call: Distributed antenna systems and in-building wireless

    Distributed antenna systems and in-building wireless solutions are two options to improve wireless cellular coverage within an enterprise facility.

• Data Center

  • DevOps, Opscode Chef automate online auction site’s private cloud

    A darling of the DevOps crowd, the Opscode Chef cloud configuration and automation tool is now the central point of IT control for MercadoLibre’s sprawling online auction site.

  • Data center experts push back on ASHRAE economizer requirements

    An addendum to the ASHRAE 90.1-2010 energy standard could ease energy efficiency requirements on anyone building or significantly expanding data centers in the U.S.

  • Punch up database performance by reorganizing data

    A well-timed mainframe database reorg can result in much improved response.

• Networking Channel

  • Five WLAN questions answered: WPS attacks, access control, and more

    Even after a successful Wi-Fi network implementation, users are fraught with WLAN questions regarding access control and management. Do you have the answers?

  • Cisco Live London: 40 and 100 GbE switching and souped up WLAN

    At Cisco Live London, Cisco debuted 40 and 100 GbE line cards for Nexus and Catalyst switching lines, as well as a 4-antenna wireless access point meant to soup up the WLAN.

  • Selling public sector IT solutions forces partners to do some homework

    The need for public sector IT solutions is growing due to developing network activity, but can partners must be ready to commit to longer sales cycles and other complications.

• About us
• Contact us
• Site index
• Privacy policy
• Advertisers
• Business partners
• Events
• Media kit
• TechTarget corporate site
• Reprints
• Site map