Download Safari Books Online apps: Apple iOS | Android

Entire Site

Safari Books Online

    Free Trial

    Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.


    • Create BookmarkCreate Bookmark
    • Create Note or TagCreate Note or Tag
    • DownloadDownload
    • PrintPrint
    Share this Page URL
    Help

    Chapter 1. Introducing Intrusion Detecti... > Intrusion Prevention Versus Intrusio...

    Intrusion Prevention Versus Intrusion Detection

    Intrusion detection is powerful in that you can be notified when potential problems or attacks are introduced into your network. However, detection provides only limited capabilities for preventing attacks from being successful. Detection is limited because it operates on copies of packets. These copies of packets are usually received from another Cisco device (typically a switch). Sensors that operate using intrusion detection are said to run in promiscuous mode.

    Intrusion prevention is more powerful because the sensor has much greater capabilities for preventing malicious traffic from entering your network or a particular network segment. The sensor can perform prevention because it operates inline with packet flows.


      

    You are currently reading a PREVIEW of this book.

                                                                                            

    Get instant access to over
    $1 million worth of books and videos.

      

    Start a Free Trial


      
    • Safari Books Online
    • Create BookmarkCreate Bookmark
    • Create Note or TagCreate Note or Tag
    • DownloadDownload
    • PrintPrint