Security Encyclopedia

Intrusion Detection and Prevention System

An Intrusion Detection and Protection System (IDPS), or an Intrusion Prevention System (IPS), is a device or software that screens network traffic to avert security incidents.

IDPS solutions can take different forms but they generally work across their setting to scan for malicious activity, log and analyze data, identify anomalies, prevent harm or its continuation, and report abnormalities.

An IDPS can be network-based to protect a computer network, wireless network-based to protect wifi, it can check for network behavior, and it can take the form of a software download on a single device. McAfee NSP, Trend Micro TippingPoint, and Hillstone NIPS are all examples of an IDPS.

Example:

“If our firewall catches some malware delivery, our IDPS will note that so we have some basis for ongoing or additional prevention.”