Skip to main content

Firewall, IDS, IPS

  • What are Firewall, IDS, and IPS?

    • Firewall: A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. It essentially establishes a barrier between your internal network and incoming traffic from external sources (such as the internet) in order to block malicious traffic like viruses and hackers.
    • IDS (Intrusion Detection Systems): IDS is a device or software application that monitors a network or systemss for malicious activity or policy violations. Any detected activity or violation is typically reported either to an administrator or collected centrally using a security information and event management (SIEM) systems.
    • IPS (Intrusion Prevention Systems): IPS, also known as intrusion detection and prevention systems (IDPS), is a network security appliance that monitors network and/or systems activities for malicious activity. The main function of an IPS is to identify suspicious activity, and then log information, attempt to block the activity, and then finally to report it.

  • Why are Firewall, IDS, and IPS important?

    • Security: They provide a first line of defense against threats from the internet, blocking attacks before they reach the internal network.
    • Monitoring: IDS and IPS monitor network traffic and provide alerts when suspicious activity is detected.
    • Prevention: IPS can actively block attacks and prevent them from penetrating the network.

  • Key Points to Consider:

    • Protection: Firewalls, IDS, and IPS improve the security of your network by blocking threats and detecting and preventing intrusions.
    • Visibility: They provide visibility into your network traffic, allowing you to identify and respond to threats quickly.
    • Control: They give you control over your network traffic, allowing you to define what is allowed and what is not.

  • Example - Using Firewall, IDS, and IPS in Personal Infrastructure: Suppose you have a home network with several devices connected. You can use a Firewall to block unwanted traffic, an IDS to monitor for suspicious activity, and an IPS to prevent any detected threats from affecting your network. This can help to keep your personal data and devices secure.