What Does Network-based Intrusion Prevention System (NIPS) Mean?
Techopedia Explains Network-based Intrusion Prevention System (NIPS)
- Signature-based detection: Signatures are attack patterns predetermined and preconfigured. This detection method monitors the network traffic and compares it with the preconfigured signatures so as to find a match. On successfully locating a match, the NIPS takes the next appropriate action. This type of detection fails to identify zero-day error threats. However, it has proved to be very good against single packet attacks. Anomaly-based detection: This method of detection creates a baseline on average network conditions. Once a baseline has been created, the system intermittently samples network traffic on the basis of statistical analysis and compares the sample to the created baseline. If the activity is found to be outside the baseline parameters, NIPS takes the necessary action. Protocol state analysis detection: This type of detection method identifies deviations of protocol states by comparing observed events with predefined profiles.
