Intrusion Prevention System

Properties


name
Intrusion Prevention System
definition
Intrusion prevention systems (IPS), also known as intrusion detection and prevention systems (IDPS), are network security appliances that monitor network or system activities for malicious activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, report it and attempt to block or stop it. Intrusion prevention systems are considered extensions of intrusion detection systems because they both monitor network traffic and/or system activities for malicious activity. The main differences are, unlike intrusion detection systems, intrusion prevention systems are placed in-line and are able to actively prevent or block intrusions that are detected. IPS can take such actions as sending an alarm, dropping detected malicious packets, resetting a connection or blocking traffic from the offending IP address. An IPS also can correct cyclic redundancy check (CRC) errors, defragment packet streams, mitigate TCP sequencing issues, and clean up unwanted transport and network layer options.
synonyms
IDPS
synonyms
Intrusion Detection and Prevention System
synonyms
IPS
defined by
http://dbpedia.org/resource/Intrusion_detection_system#Intrusion_prevention
see also
http://dbpedia.org/resource/Intrusion_detection_system

Neighbors

IntrusionPreventionSystem has no direct neighbors in this release.

Inferred Relationships

This page is experimental and may change significantly in future releases.

Hierarchy

(filtered)

Related Countermeasure Techniques

No related defensive techniques in this release.

Related Weaknesses

Related Offensive Techniques

No related offensive techniques in this release.