IDS/IPS implementation
IDS (Intrusion Detection System) is a system responsible for detecting attempts of attacks on network infrastructure.
IPS (Intrusion Prevention System) is a very similar system that not only detects, but also prevents intrusions and protects network infrastructure against them. It can be concluded that IPS is IDS connected to the firewall. IDS/IPS is a comprehensive system for detecting and responding to intrusions in the network infrastructure.
The most important functions of IDS/IPS systems are:
- System monitoring
- Detection of attacks
- Immediate notifications (send to the administrator)
- Automatic action taking.
At Virtline, we have experience in implementing both commercial solutions (usually based on Fortinet products) as well as open source projects (Snort).