This chapter covers the following topics:
IPS versus IDS
Identifying malicious traffic on the network
Managing signatures
Monitoring and managing alarms and alerts
Overview of the Cisco Next-Generation IPS solution
Cisco intrusion detection systems (IDS) and intrusion prevention systems (IPS) are among the many systems used in a defense-in-depth approach to protecting the network against malicious traffic. Cisco has many different platforms and options for implementing IPS/IDS, but the basic concepts apply across all of these platforms. This chapter focuses on the concepts of IPS/IDS in general.