Chapter 5. Securing Networks with Cisco IOS IPS
IDS Versus IPS
The difference is pretty simple, but Table 5-1 has the breakdown.
Table 5-1. IDS Versus IPS
Intrusion Detection System (IDS)
Intrusion Prevention System (IPS)
Analyzes copied traffic; the initial packet still makes it through.
Works inline; the initial packet may be filtered if deemed offending traffic.
Network traffic performance is not affected.
The sensor should be able to handle the amount of network traffic present.
Some packets may get through to the network.
Malicious traffic will not enter the network.
There are many similarities between IDS and IPS. This is mainly because IPS is the evolution of IDS technology. These types of technologies are deployed as sensors because they “sense” ...