Intrusion prevention systems (IPS)

February 2017

IPS

The computing media is starting to use the term IPS (Intrusion Prevention System) more and more, as a replacement for "traditional" IDSs or to make a distinction between them.

An IPS is a system for preventing intrusions and protect against them, not just recognising and reporting them like most IDSs. There are two main characteristics which distinguish a (network) IDS from a (network) IPS:

  • The IPS sits inline on the IPS network, and does not just passively listen to the network like an IDS (traditionally placed as a sniffer on the network).
  • The IPS has the ability to immediately block intrusions, no matter what transport protocol is used and without reconfiguring a third-party device, which means that the IPS can filter and block packets in native mode (by dropping the connection, dropping offending packets, blocking the intruder, etc.).

Article written 29 January 2003 by Cyrille Larrieu.

Related



Sistema de prevención de intrusiones (IPS)
Sistema de prevención de intrusiones (IPS)
Systèmes de prévention d'intrusion (IPS)
Systèmes de prévention d'intrusion (IPS)
Sistemi di prevenzione d'intrusione (IPS)
Sistemi di prevenzione d'intrusione (IPS)
Sistemas de prevenção de intrusão (IPS)
Sistemas de prevenção de intrusão (IPS)
This document, titled "Intrusion prevention systems (IPS)," is available under the Creative Commons license. Any copy, reuse, or modification of the content should be sufficiently credited to CCM (ccm.net).