Detection systems guard against network intrusion
How do the different types of intrusion prevention system (IPS) work? Inline systems sit on the network like layer-two bridges, passing traffic along as they receive it. Host-based systems sit on the server, watching the traffic that it sends and receives. Both check packets for any suspicious activity, often using the most basic method of detection: signatures, or rules. If traffic passing through the network intrusion detection system matches a certain pattern, it can be blocked; traffic already identified as malicious doesn't make it through.
Provided by: Intel Topic: Security Date Added: Oct 2011 Format: PDF