11.2 – IDS vs. IPS vs. Firewall

IDS Intrusion Detection system is a system for monitoring a computer network, to determine whether or not an attack is in place. It does not avoid the attacks from reaching the different resources (though there are certain choices to configure it to send RST packets on certain platforms). IDS does not receive the traffic, from server to client or client to server; it generally receives a copy from the network device attached to it (TAP, SPAN session, Packet broker, and PC). IPS IPS (Intrusion Prevention System) is a device that observes traffic for particular attack configurations and uncommon pattern behaviors,…