Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)

The key difference between IDS and IPS lies in “detection” vs. “prevention.” Intrusion Detection Systems (IDS) monitor and scrutinize network traffic for known cyberattack signatures. Intrusion Prevention Systems (IPS), which reside between the internal network and external networks (like the Internet), reject incoming traffic when it indicates a recognized security threat profile.

 

Threat profiles take into account many factors, including security policy violations, malware and port scanners.

 

Seeking Clarity?

View the Cybersecurity Dictionary for top terms searched by your peers.