RE: IPS vs application firewall



A firewall is always an inline device; usually, it functions as
a gateway in addition to its policy enforcement duties. One
consequence is that it imposes a certain overhead on even "good"
traffic. The firewall rulebase is generally pretty static (except
for a "stateful" element).
An IPS frequently links one or more sensors, frequently not
inline, with a dynamic inline filter that is activated to block
specific live traffic. Distributing the detection out of line
and activating only filters currently needed can improve both
flexibility and performance of the solution.

David Gillett


-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx
[mailto:listbounce@xxxxxxxxxxxxxxxxx] On Behalf Of krymson@xxxxxxxxx
Sent: Wednesday, November 15, 2006 12:35 PM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: IPS vs application firewall

This question came up and I'm unable to really answer this.
What is the difference between an IPS (an active IDS, really)
and an application firewall or a web application firewall?

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of
Academic Excellence in Information Security. Our program
offers unparalleled Infosec management education and the case
study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this
esteemed degree, without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
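
The contrast drawn in the reply above, modelled as an added example that is not part of the original thread: a static rulebase checked inline on every packet, next to an out-of-line sensor that activates a temporary inline block. The port policy, the `BADSIG` signature, the 60-second hold and the addresses are constructed assumptions, as is the modelling choice that the passive sensor only sees a copy of traffic that has already been forwarded.

```python
from collections import namedtuple
# ts is seconds on a constructed timeline.
Packet = namedtuple("Packet", "ts src dport payload")

# Static firewall rulebase: consulted inline for every packet, good or bad.
ALLOWED_PORTS = frozenset({80, 443})  # assumed policy

def firewall_allows(pkt):
    return pkt.dport in ALLOWED_PORTS

class InlineFilter:
    """Dynamic block list that holds only the filters currently needed."""
    def __init__(self):
        self.blocks = {}  # src -> expiry time
    def activate(self, src, until):
        self.blocks[src] = until
    def allows(self, pkt):
        # Expire stale filters so the inline check stays small.
        self.blocks = {s: t for s, t in self.blocks.items() if t > pkt.ts}
        return pkt.src not in self.blocks

def sensor_inspect(pkt, inline, signatures, hold=60.0):
    """Out-of-line sensor: inspects a copy, so it only affects later packets."""
    if any(sig in pkt.payload for sig in signatures):
        inline.activate(pkt.src, pkt.ts + hold)

def run(packets, signatures):
    inline, verdicts = InlineFilter(), []
    for pkt in packets:
        if not firewall_allows(pkt):
            verdicts.append("fw-drop")
        elif not inline.allows(pkt):
            verdicts.append("ips-drop")
        else:
            verdicts.append("pass")
            sensor_inspect(pkt, inline, signatures)  # copy of forwarded traffic
    return verdicts

# Constructed sample traffic: documentation addresses, made-up signature.
SAMPLE = [
    Packet(0.0, "192.0.2.10", 80, "GET /index.html"),
    Packet(1.0, "198.51.100.7", 80, "GET /cgi-bin/BADSIG"),
    Packet(2.0, "198.51.100.7", 80, "GET /index.html"),
    Packet(3.0, "192.0.2.10", 23, "login"),
    Packet(90.0, "198.51.100.7", 443, "GET /index.html"),
]

if __name__ == "__main__":
    print(run(SAMPLE, ["BADSIG"]))
```

In this model the packet that triggers the signature is itself forwarded, since detection happens out of line; only the follow-up traffic from that source is dropped, and the filter disappears once the hold expires.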


