Intrusion Prevention System

From CNM Wiki
Revision as of 16:47, 18 July 2020 by QiratH (talk | contribs) (Created page with "Intrusion Prevention System (IDPS) is intrusion Detection System with the additional capability to take immediate and local action to block the detected attack. This i...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Intrusion Prevention System (IDPS) is intrusion Detection System with the additional capability to take immediate and local action to block the detected attack. This implies two differences, the positioning of the device as an interceptor through which all requests, malicious or benign, will pass, and the ability to diagnose the malicious behaviour with certainty. See also Intrusion Detection System and sensor.

Definitions

According to the CyBOK (version 1),

Intrusion Prevention System (IDPS). Intrusion Detection System with the additional capability to take immediate and local action to block the detected attack. This implies two differences, the positioning of the device as an interceptor through which all requests, malicious or benign, will pass, and the ability to diagnose the malicious behaviour with certainty. See also Intrusion Detection System and sensor.