1.1.2. Intrusion Detection and Prevention

The intrusion detection and prevention system (IDPS) enables malicious activity within the network to be identified. It focuses on real-time threat detection, logging, and prevention as well as reporting.

The administrator can create different IPS profiles (signature sets relevant for protecting certain services) and define IDPS rules that specify actions for the selected traffic type that the IDPS module will analyze according to the assigned profiles.