Devilsbane wrote: » Another thing is that it refers to passive and active IDSs. What is the difference between an active IDS and an IPS?
knwminus wrote: » When I was reading the CCNA:S it was explained that an IPS is always active because it is actually a "bump on the wire". That is, it actively scans and can stop traffic in flux. An IDS is passive and cannot actively prevent attacks but it can alert or detect bad traffic. An IDS will let bad traffic into the network. I was told that the term IDS is an IPS.
slinuxuzer wrote: » Keep in mind these are vendor-neutral terms and your CCNA books may be referring to Cisco's own implementation. There is both host-based and network-based IDS and IPS; when you refer to stopping something on the wire, this would be in a network-based implementation. For a more thorough explanation of these technologies, refer to Shon Harris's All-in-one CISSP training kit. Might I also suggest the Safari Books Online service, which allows you access to thousands of books for $10 a month? I have no affiliation with them, just a customer.
Devilsbane wrote: » Darril's book considers that these 2 terms are the same thing. But I have seen a few practice questions now that have both terms as possible answers, and only one of them is right. So what is the difference? Thanks
Devilsbane wrote: » Does anyone have an answer to this question?
skwira001 wrote: » Heuristics is another name for anomaly.