• What is Intrusion Prevention System (IPS)?

    Intrusion Prevention System (IPS)

    IDS,IPS,ips security,ids security,id system,intrusion system,internet security,network intrusion,network security,ips network security,ips and ids,ips cyber security,system security,network security system,ips in network system,ips cyber security,intruders in network security
    Intrusion Prevention System (IPS)

    An Intrusion Prevention System (IPS) is a network security/threat prevention technology that examines network traffic flows to detect and prevent vulnerability exploits. Intrusion prevention systems are also known as intrusion detection prevention systems (IDPS).

    The IPS reports these events to system administrators and takes preventative action, such as closing access points and configuring firewalls to prevent future attacks.

    How Does IPS Techniques Work?

    Intrusion prevention systems work by scanning all network traffic. The IPS performs real-time packet inspection, deeply inspecting every packet that travels across the network.

    IDS,IPS,ips security,ids security,id system,intrusion system,internet security,network intrusion,network security,ips network security,ips and ids,ips cyber security,system security,network security system,ips in network system,ips cyber security,intruders in network security
    Difference b/w Intrusion Prevention & Detection System 

    There are several different threats that an IPS used to prevent them:-
    • Denial of Service (DoS) attack
    • Distributed Denial of Service (DDoS) attack
    • Viruses
    • Backdoor etc...

    IPS is a control system that accepts or rejects a packet-based on the ruleset.

    IPS are used two number of Detection's methods:-

    • Signature Based Detection
    • Statistical anomaly-based detection
    If You Don't Read About Default Gateway? Click On Link and Read Out.

    Signature Based Detection

    As an exploit is discovered, its signature is recorded and stored in a continuously growing dictionary of signatures. An attack is initiated that matches one of these signatures or patterns, the system takes necessary action.

    Statistical Anomaly Based Detection

    The anomaly-based approach monitors for any abnormal or unexpected behavior on the network. when the sample of network traffic activity is outside the parameters of baseline performance, the IPS takes action to handle the situation.

    Features of IPS:-

    • Sending an alarm to the administrator (as would be seen in an IDS)
    • Dropping the malicious packets
    • Blocking traffic from the source address
    • Resetting the connection



  • You might also like

    No comments:

    Post a Comment