Monday, April 18, 2005

Differences Between IDS and IPS

"An interesting article explaining differences between IDS n IPS..."

With the rapid increasing of internal threats, and those that easily bypass traditional perimeter security defenses, organizations must think about security beyond the perimeter. To meet these demands many organizations have looked to Intrusion Prevention Systems (IPS) and Intrusion Detection Systems (IDS). While IPS and IDS are an important feature in a layered security deployment, products falling under these categories only partially address the unique requirements of internal networks.

IPS and IDS originally were designed to address requirements lacking in most legacy firewalls and traditional perimeter defense systems. IDS solutions are typically used to monitor potential intrusions after the fact, and IPS solutions are focused on identifying and blocking attack traffic. IPS's inherited from their IDS predecessors both a reliance on reactive signatures to detect attacks and an orientation for perimeter security. While both systems play a critical role in preventing external attacks, neither is prepared to completely protect an organization from internal threats.  Read more...

No comments: