x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF

Technical Support

Need help?

 

What is an Intrusion Prevention System or IPS?

Information applies to:

Products
Panda GateDefender Integra 100
Panda GateDefender Integra 300

An intrusion prevention system (IPS) consists of a set of predefined actions that aim to proactively and effectively block suspicious activities from both external/internal networks and the host itself. IPS has an important advantage over traditional firewall technologies, as it takes access control decisions based on traffic content instead of IP addresses or ports.

 

Characteristics and types of IPS

  • It detects intruders by the checking the identifiers of suspicious activities against the signatures of known malicious activities, which are included in a signature file.
  • For protection against intrusions to be effective, an IPS must have a system that keeps the file that contains the identifiers of intrusions constantly up-to-date.
  • An intrusion prevention system can consist of software, hardware or a combination of the two.
  • There are different types of IPS, depending on their location:

    • Network IPS:

      • These aim to protect the network segments or zones which they can access.
      • They capture network traffic (sniffers) and analyze them for patterns that could be some type of attack.
      • If they are correctly installed in the network, they can analyze large networks and generally have a minimum impact on traffic.
      • They use a network device configured in promiscuous mode. This means that they can intercept and analyze all the packets in a network segment, even if they are not addressed to a specific computer.
      • They usually analyze traffic in real time.
      • They not only work at TCP/IP level, but can also operate in the application layer.
      • A network IPS can be located in the network segments exposed to external networks (WAN and the Internet) in the zone that hosts the services and public servers (DMZ), or they can simply inspect traffic in the internal network. The optimum solution for detecting intruders from untrustworthy networks is to place the IPS and the firewall in the same device.
    • Host IPS:

      • These were the first IDS (Intrusion Detection System) developed by the IT security industry.
      • They protect a single computer.
      • They monitor a large amount of events and activities, accurately determining which processes and users are involved in a certain action.
      • They collect system information, such as files, log files and resources to then analyze it locally for possible incidents in the system.
Help nº- 20070702 31452 EN

Have you resolved your query with this article?

yes no

Thanks for your answer


Why didn't you find it helpful?


The instructions are too complex.
The instructions are too long.
The instructions don't work.
I'd rather have a video.
Other reasons.




Talk to a technician!

 

Business hours: Mondays-Fridays 9:00 to 18:00 CET

Outside business hours, please use the online form.





ALWAYS ONLINE TO HELP YOU TWITTER FORUM RATE US CHAT
ALWAYS ONLINE TO HELP YOU TWITTER FORUM RATE US CHAT