Network-based Intrusion Prevention System (NIPS)
Definition - What does
Network-based Intrusion Prevention System (NIPS)
mean?
A network-based intrusion prevention system (NIPS) is a system used to monitor a network as well as protect the confidentiality, integrity, and availability of a network. Its main functions include protecting the network from threats, such as denial of service (DoS) and unauthorized usage.
The NIPS monitors the network for malicious activity or suspicious traffic by analyzing the protocol activity. Once the NIPS is installed in a network, it is used to create physical security zones. This, in turn, makes the network intelligent and quickly discerns good traffic from bad traffic. In other words, the NIPS becomes like a prison for hostile traffic such as Trojans, worms, viruses, and polymorphic threats.
An intrusion prevention system (IPS) sits in-line on the network and monitors the traffic. When a suspicious event occurs, it takes action based on certain prescribed rules. An IPS is an active and real-time device unlike an intrusion detection system, which is not inline and is a passive device. IPSs are considered to be the evolution of the intrusion detection system.
Techopedia explains
Network-based Intrusion Prevention System (NIPS)
NIPSs are manufactured using high-speed application-specific integrated circuits (ASICs) and network processors, which are used for high-speed network traffic since they are designed to execute tens of thousands of instructions and comparisons in parallel, unlike a microprocessor, which executes one instruction at a time.
The majority of NIPSs utilize one of the three detection methods as follows:
Signature-based detection: Signatures are attack patterns predetermined and preconfigured. This detection method monitors the network traffic and compares it with the preconfigured signatures so as to find a match. On successfully locating a match, the NIPS takes the next appropriate action. This type of detection fails to identify zero-day error threats. However, it has proved to be very good against single packet attacks.
Anomaly-based detection: This method of detection creates a baseline on average network conditions. Once a baseline has been created, the system intermittently samples network traffic on the basis of statistical analysis and compares the sample to the created baseline. If the activity is found to be outside the baseline parameters, NIPS takes the necessary action.
Protocol state analysis detection: This type of detection method identifies deviations of protocol states by comparing observed events with predefined profiles.
Home
Dictionary
Tags
Security
Related Terms
Intrusion Detection System (IDS)
Network-based Intrusion Detection System (NIDS)
Host-based Intrusion Detection System (HIDS)
Host-based Intrusion Prevention System (HIPS)
Intrusion Prevention System (IPS)
Wide Area Network (WAN)
Application-Specific Integrated Circuit (ASIC)
Denial-of-Service Attack (DoS)
Authentication
Firewall
Related Videos
Related Links
Related White Papers
Other Resources
Related Tags
Categories:
Networking
Data Management
Platforms
Viruses
Security
Synonyms:
NIPS
Recommended For You
close
Public, Private and Hybrid Clouds: What's the Difference?
Read More
ยป
Tweet
Tweet
Popular White Papers
Techopedia Newsletter Sign-Up
Get Techopedia delivered to your inbox!
Term of the Day:
Get a new Techie Term sent to you every business day
Best of Techopedia:
We"ll bring you the best Techie articles each month.
Sign-In
Join Techopedia
Follow Us
Follow Techopedia on Facebook
Follow Techopedia on LinkedIn
Follow Techopedia on Twitter
Add Techopedia on Google Plus
Get Techopedia on RSS
Home
Dictionary
Articles
Tutorials
Newsletters
Development
Networks
Wireless
Support
Linux
Enterprise
Enterprise Apps
Security
CRM
IT Business
IT Careers
IT Management
Trends
Cloud Computing
Mobile computing
Personal Tech
Gaming
Internet
Search Engines
Social Media
World Wide Web
All Topics
Hacking
Online Marketing
Buzzwords and Jargon
Viruses
Operating Systems
Legal
People