Acrónimo de
“intrusion prevention system” (sistema de prevención de intrusiones). El IPS va
un paso más allá que el IDS y bloquea el intento de intrusión.
http://es.pcisecuritystandards.org
Aproximación
de un IDS a la tecnología cortafuegos consistente en permitir o denegar el
tráfico mediante el uso de firmas o análisis de anomalías. [CCN-STIC-400:2006]
(en) Intrusion Prevention
System (IPS)
System that can detect an
intrusive activity and can also attempt to stop the activity, ideally before it
reaches its targets. [CNSSI_4009:2010]
The process of monitoring
the events occurring in a computer system or network, analyzing them for signs
of possible incidents, and attempting to stop detected possible incidents. See
also intrusion detection and prevention. [NIST-SP800-94:2007]
Software that has all the
capabilities of an intrusion detection system and can also attempt to stop
possible incidents. Also called an intrusion detection and prevention system.
[NIST-SP800-94:2007]
a variant on intrusion
detection systems that are specifically designed to provide an active response
capability. [ISO-18028-1:2006]
Acronym for “intrusion
prevention system.” Beyond an IDS, an IPS takes the additional step of blocking
the attempted intrusion.
https://www.pcisecuritystandards.org/security_standards/glossary.php
Intrusion protection systems
perform the same detection functions of an IDS, with the added capability to
block traffic. Traffic can typically be blocked by dropping the offending
packet( s), or by forcing a reset of the offending TCP/ IP session. IPS works
in-line, and therefore may introduce latency. [knapp:2014]
Intrusion prevention is a
preemptive approach to network security used to identify potential threats and
respond to them swiftly. Like an intrusion detection system (IDS), an intrusion
prevention system (IPS) monitors network traffic. However, because an exploit
may be carried out very quickly after the attacker gains access, intrusion
prevention systems also have the ability to take immediate action, based on a
set of rules established by the network administrator.
http://searchsecurity.techtarget.com/
A network intrusion
detection system detects intrusion attempts via a net- work interface card.
which connects to the network either in-line or via a span or tap port. [knapp:2014]
A network intrusion
prevention detection system detects and prevents intrusion attempts via a
network-attached device using two or more network interface cards to support
inbound and outbound network traffic, with optional bypass interfaces to preserve
network reliability in the event of a NIPS failure. [knapp:2014]
Acronyme d’«intrusion
prevention system», système de prévention d’intrusion. Au-delà de l’IDS, un ISP
prend la mesure plus poussée de bloquer la tentative d’intrusion.
http://fr.pcisecuritystandards.org/