Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
322
Views
5
Helpful
1
Replies

the defferences between IDS & IPS

hanyawad
Level 1
Level 1

‎01-21-2010 11:39 AM - edited ‎03-11-2019 10:00 AM

dear experts, would you mind describing to me the differences between the IDS, IPS, and the normal functions of the firewall policies in the ASA and PIX firewall?

thanks alot for your help

Labib Makar

Labels:
0 Helpful
1 Reply 1

vilaxmi
Cisco Employee
Cisco Employee

‎01-21-2010 08:59 PM

Hello,

Basically IDS (Intrusion Detection System) is a device which can sniff (copy)  traffic and analyze (compare against pre-defined signatures) it for any bad behavior or malicious traffic, this means that IDS device can’t be positioned inline in the path of traffic which results of limitation of its capability of protection (it is more Detection not Prevention/Protection).So basically, it is a passive-monitoring system which may be used in conjunction with IPS to prevent attacks.

While IPS (Intrusion Prevention System) can be deployed inline which gives it ability to block malicious / bad traffic before it reaches its destination. But you have to be carful as nowadays you might find device described as IDS which can be deployed inline like Cisco IDSM which is in fact IPS but they are using both names interchangeably.

HTH

Vijaya

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card