FREE MEMBERSHIP - Create your personalized Bitpipe Service!  Members: Sign in 
 Nov 21, 2009
 Free Newsletters  Most Popular Reports  Top Topics  Research Guides  RSS  About Us
Search Bitpipe: 
   Search Help
IPS vs. IDS: Similar on the Surface, Polar Opposites Underneath
sponsored by TippingPoint
Posted:  05 Nov 2009
Published:  05 Oct 2009
Format:  PDF
Length:  9   Page(s)
Type:  White Paper
Language:  English
ABSTRACT:
A common notion is that an Intrusion Prevention System (IPS) is nothing more than an Intrusion Detection System (IDS) deployed in-line with blocking capabilities. This paper explains why that notion is incorrect.

Although IPS and IDS both examine traffic looking for attacks, there are critical differences. IPS and IDS both detect malicious or unwanted traffic. They both do so as completely and accurately as possible, at the speed of the network. But an IPS is an in-line device designed for automatic enforcement of network policy, whereas an IDS is an out-of-band device designed as a forensic tool for security analysts.

This difference in deployment and utility has two direct consequences:

  1. it changes the emphasis on device design requirements, and
  2. the methods hackers use to attack the devices.
Not surprisingly, these changes lead to different engineering designs and technology that may be ideal for IDS but may be sub-optimal for IPS, or vice versa. IPS and IDS share four basic requirements:
  • Stability
  • Deterministic Network Performance
  • Minimize False Negatives
  • Minimize False Positives
Although these requirements appear to be similar, the differences between IPS and IDS deployment and purpose cause substantial distinctions in prioritizing the requirement, the meaning of the requirement, and implementation options available for meeting the requirement. Read this paper to learn more about the important differences between IDS and IPS.





BROWSE RELATED RESOURCES
Intrusion Detection | Intrusion Detection Systems | Intrusion Prevention | Intrusion Prevention Systems | Network Security | Network Security Software | Security | Security Management | Security Systems

View All Resources sponsored by TippingPoint
Home | About Us | Contact Us | Advertise with Us | Partner with Us | Site Index
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines

Definitions: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Other   TechTarget - The Most Targeted IT Media
TechTarget Corporate Web Site  |   Media Kits  




All Rights Reserved, Copyright 2000 - 2009, TechTarget | Read our Privacy Statement