When talking about security on the Cloud, these two terms are likely to come up in the discussion. What are these and what is the difference? So first of all, that fact we are covering them in one blog post, doesn’t mean they are similar. In fact, they are very, very different…
IPS (Intrusion Prevention System) are solutions that will actively prevent intrusion attempts. For example, they can communicate with the firewall to induce rule changes to prevent security threats.
IDS (Intrusion Detection Systems) are solutions to detect intrusion attempts and are rather visibility tools. They are passive which means they detect and log suspicious activity into logfiles or can initiate an alarm (email, pager, etc).
There is a very detailed article on IPS/IDS on TechTarget, if you would like to do some further reading!
PTC Cloud Services and IPS and IDS
PTC Cloud Services utilizes defense in layers to protect data and stop attempts to exploit vulnerabilities. In addition to perimeter firewalls and end point protection that are used as measures of defense, we inspect packets using the latest IPS/IDS deep packet inspection tools.
Packets that are determined to be attempting to exploit high threat vulnerabilities are dropped automatically. Packets that don’t meet specific signatures or rules and are deemed less invasive or intrusive are evaluated looking for trends or other anomalies that may be indicative of malicious activity or even an attack.
Do you have any further questions on Intrusion Protection or Intrusion Detection? Comment below, talk to a Cloud Services Expert today or join us for an upcoming Cloud Security webcast!