Do you want to Detect or Prevent?
Over 15 years ago, the technology and cybersecurity industry introduced Intrusion Detection Systems (IDS) as a way for security teams to monitor anomalies within networks behind the firewalls. Infrastructures were relatively small and the alerts an IDS would send could be reviewed by team members and then followed up with a reaction in a timely manner if necessary.
Around the same time, Intrusion Prevention Systems (IPS) were introduced to an industry reeling from the effects of cyber threats beyond just getting alerts that something might be happening. IPS took the IDS concept further by being able to not only detect anomalies and suspicious activity but to stop it and contain it with quarantine policies. You could also easily create custom filters to granularly react and prevent threats.
Most people outside of cybersecurity, even those working in technology, are still unsure of the differences between an IDS and IPS. Without getting into all the technical details of a unified threat management system (UTM), and explaining it simply, here's what it boils down to:
Imagine you wanted to protect your home from crooks and thieves intent on stealing your things while you're away. You go out and get an angry pitbull (Pitbulls get a bad rap - raised and trained right, they are great protective companions), bring it home and put it in a crate, in the hopes that if someone breaks into your home the pitbull will bark and raise Cain and alert the neighborhood. Of course, if no one is around, the barks will go unnoticed and the crooks will have cleared you out of your valuables.
That is an IDS.
Now imagine the same scenario, except that angry pitbull isn't crated or locked up in your home. Crooks and bad guys decide to intrude your home and see what valuables you have they can steal. What do you think will happen when they break into your home and meet the angry Pitbull?
That is an IPS.
Which would you rather have to protect your business and information?
Firestorm Cyber is a global cybersecurity company with industry-leading services to help you protect your systems and information. We are the world's only Managed Security Service Provider (MSSP) that offers guaranteed protection against Ransomware, backed by a $1 Million warranty.