Chapter 5. Securing Networks with Cisco IOS IPS

IDS Versus IPS

The difference is pretty simple, but Table 5-1 has the breakdown.

Table 5-1. IDS Versus IPS

| Intrusion Detection System (IDS) | Intrusion Prevention System (IPS) |
|---|---|
| Analyzes copied traffic; the initial packet still makes it through. | Works inline; the initial packet may be filtered if deemed offending traffic. |
| Network traffic performance is not affected. | The sensor should be able to handle the amount of network traffic present. |
| Some packets may get through to the network. | Malicious traffic will not enter the network. |

There are many similarities between IDS and IPS. This is mainly because IPS is the evolution of IDS technology. These types of technologies are deployed as sensors because they “sense” ...
