Intrusion Detection & Prevention Systems (IDPSs) are crucial for any computer that needs to be protected in real time. The 21st century has seen the most growth in IDPSs as more and more threats of all types emerge. Although there are many different types of IDPS, their functions can be similar or very different, giving you many different types of protection. IDPS mechanisms are expected to perform a few functions other than detecting and preventing. If the intrusion system just blocks a possible attack and does not record anywhere that an incident has happened, it gives the attacker multiple attempts to penetrate the wall, seeing what works and what doesn’t. So it’s important that an IDPS can log all events that are detected, create reports when needed to show recent attacks and attempts, and provide thorough information about them.

The detection mechanisms of these systems are all similar. The first is signature-based detection, where the system compares traffic to a list of known attacks; this list is updated regularly to ensure future security. Another detection mechanism is anomaly-based detection, which triggers when the performance of a computer doesn’t match what the computer believes to be its baseline of performance. It looks for what “shouldn’t be” and takes action. The final type that I want to mention is policy-based detection, where there is a set of functions that can be executed and will not allow certain types of actions
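The three detection mechanisms described above, together with the logging and reporting the text calls for, as an added example that is not part of the original page. The signature list, allowed-action policy, baseline values, field names and sample events are all constructed assumptions.

```python
from statistics import mean, pstdev

# Constructed values for illustration; not a real ruleset, policy or baseline.
SIGNATURES = {"sig-001": "../../", "sig-002": "<script>"}   # known-attack patterns
ALLOWED_ACTIONS = {"http_get", "http_post", "dns_query"}    # policy: all else denied
BASELINE_RPM = [40, 42, 38, 41, 39, 43, 40]                 # normal requests/minute

def inspect(event, threshold=3.0):
    """Run all three detection mechanisms on one event; return the findings."""
    findings = []
    # Signature-based: compare the traffic to the list of known attacks.
    for sig_id, pattern in SIGNATURES.items():
        if pattern in event["payload"]:
            findings.append(("signature", sig_id))
    # Anomaly-based: flag activity that deviates far from the baseline.
    mu, sigma = mean(BASELINE_RPM), pstdev(BASELINE_RPM)
    if sigma and abs(event["rpm"] - mu) / sigma > threshold:
        findings.append(("anomaly", f"rpm={event['rpm']} baseline={mu:.1f}"))
    # Policy-based: an action outside the permitted set is not allowed.
    if event["action"] not in ALLOWED_ACTIONS:
        findings.append(("policy", f"action={event['action']}"))
    return findings

def process(events):
    """Block any event with findings and log every detection, not just drop it."""
    log = []
    for ev in events:
        for mechanism, detail in inspect(ev):
            log.append({"src": ev["src"], "mechanism": mechanism,
                        "detail": detail, "response": "blocked"})
    return log

def report(log):
    """Summarise logged detections per source so repeated attempts stand out."""
    summary = {}
    for rec in log:
        summary.setdefault(rec["src"], []).append(rec["mechanism"])
    return summary

# Constructed sample events (documentation-range addresses).
EVENTS = [
    {"src": "198.51.100.7", "action": "http_get", "payload": "/index.html", "rpm": 41},
    {"src": "203.0.113.9", "action": "http_get", "payload": "/../../etc/passwd", "rpm": 40},
    {"src": "203.0.113.9", "action": "http_get", "payload": "/login", "rpm": 900},
    {"src": "192.0.2.44", "action": "smb_write", "payload": "", "rpm": 39},
]

if __name__ == "__main__":
    for src, mechanisms in report(process(EVENTS)).items():
        print(src, mechanisms)
```

The per-source report is what makes repeated attempts from one address visible, which a block-only system would never show.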
