1. Different meanings
IDS: Intrusion Detection System
Make an image metaphor: If the firewall is the door lock of a building, then IDS is the monitoring system in this building. Once a thief climbs the window and enters the building, or an insider crosses the border, the real-time monitoring system will find the situation and issue a warning.
IPS: intrusion prevention system
2. Different functions
IDS? Professionally speaking, it is to monitor the operation of the network and system according to certain security policies, and try to find all kinds of attack attempts, attacks or attack results to ensure the confidentiality, integrity and availability of network system resources.
IPS intrusion prevention system is a computer network security facility and a supplement to antivirus software and firewall. Intrusion prevention system is a computer network security device that can monitor the network data transmission behavior of network or network equipment, and can immediately interrupt, adjust or isolate some abnormal or harmful network data transmission behavior.
Extended information:
IDS intrusion detection system is a listening device, which is not bridged on any link and can work without network traffic flowing through it. Therefore, the only requirement for the deployment of IDS is that IDS should be hooked on the link through which all concerned traffic must flow.
IPS has become more and more popular in recent years, especially when suppliers are dealing with the early challenges of NAC market, such as awareness of deployment and usability difficulties. At present, most large organizations have fully deployed IPS, but before using NAC, these solutions were limited to some extent to prevent new attacks in the company network. You can configure all IPS probes to interrupt malicious or other unnecessary traffic in the network.
Baidu encyclopedia -IDS intrusion detection
Baidu encyclopedia -IPS