There are different modes of operation for the sensors of the NIPS/NIDS:
- Inline: The NIPS will be placed on or very near to the firewall as an additional layer of security when the NIPS has been set up in inline mode the flow of traffic goes through the NIPS. This is known as in-band.
- Passive: The traffic does not go through the NIPS, this mode is normally used by the NIDS as it detects changes in traffic patterns in the local network. This is known as out of band.
When sensors are placed inside the network, they can only detect traffic once it is inside your network and has passed through your firewall. If you wish to detect attacks before they come into your network, the sensor must be placed on the external network ...