Intrusion Prevention System (IPS)
Trigger actions/responses
Drop
Reset
Block
Alert
Monitor/log
Shun
IPS deployment methods
Network based IPS
Host based IPS
Modes of Deployment
Promiscuous mode
SPAN mode
Inline mode
TAP mode
IPS placement methods
Inside
Outside
DMZ
IPS/IDS Terminologies
False negative
True positive
False positive
True negative
Blacklist
Static
Dynamic
Tools for traffic detection
● Signature based IDS/IPS
● Policy based IDS/IPS
● Anomaly based IDS/IPS
● Reputation based IDS/IPS
Signature engine
Atomic
Service
String or multistring
Other