IDS/IPS implementation

IDS (Intrusion Detection System) is a system responsible for detecting attempts of attacks on network infrastructure.

IPS (Intrusion Prevention System) is a very similar system that not only detects, but also prevents intrusions and protects network infrastructure against them. It can be concluded that IPS is IDS connected to the firewall. IDS/IPS is a comprehensive system for detecting and responding to intrusions in the network infrastructure.

The most important functions of IDS/IPS systems are:

  • System monitoring
  • Detection of attacks
  • Immediate notifications (send to the administrator)
  • Automatic action taking.

At Virtline, we have experience in implementing both commercial solutions (usually based on Fortinet products) as well as open source projects (Snort).