Chapter 1. Introducing Intrusion Detection and Prevention

Understanding Intrusion Prevention and Detection

An intrusion detection system (IDS) is similar to an intrusion prevention system (IPS). Both enable you to analyze network traffic in an attempt to identify malicious or otherwise interesting traffic. Cisco provides for intrusion detection and prevention in a variety of ways in its current security portfolio, and IDS or IPS refer to how it is deployed rather than which product is deployed.

You might add this powerful tool to your network via a dedicated hardware appliance known as a sensor. Or you might add this functionality using a network module inserted into a router or firewall. However you decide to implement the technology, the goal ...

Get CCNP Security IPS 642-627 Quick Reference, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.