IDSs/IPSs
An Intrusion Detection System (IDS) is known as passive, as it takes no action to protect or defend your network beyond its role as an alarm system. It uses sensors and collectors to detect suspicious or unauthorized activities, sounding the alarm when potential threats are discovered.
Conversely, an Intrusion Prevention System (IPS) is more aggressive and actively protects a network by not only identifying suspicious activities but also taking swift action to actively block or mitigate threats, ensuring that the network remains resilient against potential threats. The network-based IPS (NIPS) is placed very close to the firewall to filter all traffic coming into the network. For this reason, it is considered an inline device.
The network-based versions of the IPS and IDS (called NIPS and NIDS, respectively) can only operate on a network, not on a host device. When the IPS and IDS are placed on computers, they are known as host-based versions. These are called HIDS...