SOC Experts Community - Beta
0 like 0 dislike
in Security Concepts by (370 points)

2 Answers

0 like 0 dislike
by (4.1k points)
edited by

IDS is “intrusion detection system” and IPS is “intrusion prevention system.”

IDS is a network tool, which can be hardware, software or both, to detect and log any malicious access to your network. It doesn’t prevent but log it to be used for future security analysis.  If an attack is detected then the IDS reports the attack. But it is then up to the administrator to take action. The major flaw is that they produce a lot of false positives.

IPS will inspect content of the request and be able to drop, alert, or potentially clean a malicious network request based on that content. The determination of what is malicious is based either on behavior analysis or through the use of signatures.

0 like 0 dislike
by (5.4k points)
IDS: intrusion detection system, it detects and alerts the malicious IP packet.

IPS: intrusion prevention system, it detects,alerts and inspects the header and payload of the IP packet and blocks it.

SOC Experts - No. 1 Job Oriented Cybersecurity Training Program

View our Courses