Network Security Library
  
  E-Mail Updates     Become an Author    Javascript Feeds    RSS Feed    Author Listing    Security Dashboard
About | Contact | Advertise | Site Map    

Categories
Application Security
Architecture
Authentication
Certifications
Disaster Recovery
Encryption
Enterprise Security
Exploits
Firewall
Incident Handling
Intrusion Detection
Laws and Regulations
Malicious Code
Operating System
Security Basics
Security Management
Security Policies
Security Tools
Standards
Vulnerability Management
Web Security
Wireless Security

Papers
Newest
Highest Rated
Most Viewed
Reference

Authors
Author List
Become an Author
Submission Form

Services
E-Mail Updates
Javascript Feeds
RSS (New Papers)
Security Dashboard

Our Stuff
About SecurityDocs
Advertise
Contact

Valid HTML 4.01!
Valid CSS!

SecurityDocs.com

Help | Advanced Search
 What's New?
What's Popular?
IPS vs. IDS: Similar on the Surface, Polar Opposites Underneath
sponsored by TippingPoint
Posted:  05 Nov 2009
Published:  05 Oct 2009
Format:  PDF
Length:  9   Page(s)
Type:  White Paper
Language:  English


ABSTRACT:
A common notion is that an Intrusion Prevention System (IPS) is nothing more than an Intrusion Detection System (IDS) deployed in-line with blocking capabilities. This paper explains why that notion is incorrect.

Although IPS and IDS both examine traffic looking for attacks, there are critical differences. IPS and IDS both detect malicious or unwanted traffic. They both do so as completely and accurately as possible, at the speed of the network. But an IPS is an in-line device designed for automatic enforcement of network policy, whereas an IDS is an out-of-band device designed as a forensic tool for security analysts.

This difference in deployment and utility has two direct consequences:

  1. it changes the emphasis on device design requirements, and
  2. the methods hackers use to attack the devices.
Not surprisingly, these changes lead to different engineering designs and technology that may be ideal for IDS but may be sub-optimal for IPS, or vice versa. IPS and IDS share four basic requirements:
  • Stability
  • Deterministic Network Performance
  • Minimize False Negatives
  • Minimize False Positives
Although these requirements appear to be similar, the differences between IPS and IDS deployment and purpose cause substantial distinctions in prioritizing the requirement, the meaning of the requirement, and implementation options available for meeting the requirement. Read this paper to learn more about the important differences between IDS and IPS.




BROWSE RELATED RESOURCES
Intrusion Detection | Intrusion Detection Systems | Intrusion Prevention | Intrusion Prevention Systems | Network Security | Network Security Software | Security | Security Management | Security Systems

View All Resources sponsored by TippingPoint

Library Home  |  Advertise with Us
A Service of Bitpipe

SecurityDocs.com Copyright © 1998-2009 Bitpipe, Inc. All Rights Reserved.
Designated trademarks and brands are the property of their respective owners.
TechTarget · 117 Kendrick St · Needham, MA · 02494
Use of this web site constitutes acceptance of the Bitpipe Terms and Conditions and Privacy Policy.
webmaster@bitpipe.com


Unless otherwise noted, all paper copyrights are owned by the author. The rest copyright 2003-2005 TechTarget

Privacy : Contact