Richard wants to modify his current network IDS solution to allow his sensor to stop unwanted activity, turning it into an IPS. Richard should replace his passive TAP with an ______________ to allow his sensor to terminate unwanted connections?


1 Answers

Jennifer Bone Profile
Jennifer Bone answered
IDS and IPS devices can and should be used concurrently because they sit in different spots on the network.  Worms and viruses will be prevented by an IPS product installed at the perimeter of the network.  With careful and diligent tuning even very recent threats should be detected and blocked.

If an IDS product is installed inside the firewall, is will monitor all internal activity which will prevent insider threats and make visible security events both past and present.

One device that does IDS and IPS enables you to run IDS on part of the network while running IPS on another.

Answer Question