IDS (Intrusion Detection System) is a system responsible for detecting attempts of attacks on network infrastructure. IPS (Intrusion Prevention System) is a very similar system that not only detects, but also prevents intrusions and protects network infrastructure against them. It can be concluded that IPS is IDS connected to the firewall. IDS/IPS is a comprehensive system for detecting and responding to intrusions in the network infrastructure.
The most important functions of IDS/IPS systems are:
- system monitoring
- detection of attacks,
- immediate notifications (send to the administrator),
- automatic action taking.
At Virtline, we have experience in implementing both commercial solutions (usually based on Fortinet products) as well as open source projects (Snort).