Intrusion Prevent System Basics
One of the first security tools, other than your firewall, was the intrusion prevention system (IPS). An IPS allows you to view the network traffic and based on signatures that the IPS manufacturer creates, it will trigger a reaction to the connection. In an IPS, it will actually terminate the connection thus preventing the attack from occuring. If your IPS is in detection mode, otherwise known as an intrusion detection system (IDS), it will throw an alert from which you can take further investigation steps and react accordingly. But it is an entirely manual process to react to that malicious traffic. Now that is the basics of an IPS, but I want to go further into how you should implement and maintain these systems so that you can get the most out of your system.