<p><img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1716897657180/020dd06a-ef5f-4475-9f74-39250079ba55.png" alt /></p>
<p>An intranet is a private network which is heavily protected by different networking devices like router, firewall, IPS and IDS, proxy server and honeynet.</p>
<p><img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1716897658724/3d515dc8-6ec4-4e54-9643-c8a0bb8c9952.png" alt /></p>
<p>IDS detects the danger</p>
<p>IDS stands for Intrusion Detection System, and is installed near to the network. IDS is a passive system that detects incoming traffic. Once the IDS detects a danger it sends the information to the IPS which takes the action.</p>
<p><img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1716897660443/fe3b9299-ccc6-4734-af06-11b0e1dc31d2.png" alt /></p>
<p>IPS quarantines the danger</p>
<p>IPS stands for Intrusion Prevention System and actively detects dangers to prevent intrusion and takes action on them. The IPS’ process include:</p>
<h4 id="heading-inspection-amp-investigation">INSPECTION &amp; INVESTIGATION</h4>
<ol>
<li><strong>Inspection</strong>: Includes signature-based inspection and anomaly-based inspection</li>
<li><strong>Investigation:</strong> Includes analyzing suspicious packets and activities.</li>
</ol>
<h4 id="heading-action">ACTION</h4>
<p>Dnagerous or suspicious packets are quarantined or dropped by the IPS</p>
<h4 id="heading-logging-and-reporting">LOGGING AND REPORTING</h4>
<p>IPS is able to log and report the data about suspicions.</p>
<p>Both the IPS and the IDS can be combined into one device or even with other devices like routers and firewalls.</p>
<p>Unified Threat Management is an example.</p>


![](https://cdn.hashnode.com/res/hashnode/image/upload/v1716897657180/020dd06a-ef5f-4475-9f74-39250079ba55.png)

An intranet is a private network which is heavily protected by different networking devices like router, firewall, IPS and IDS, proxy server and honeynet.

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1716897658724/3d515dc8-6ec4-4e54-9643-c8a0bb8c9952.png)

IDS detects the danger

IDS stands for Intrusion Detection System, and is installed near to the network. IDS is a passive system that detects incoming traffic. Once the IDS detects a danger it sends the information to the IPS which takes the action.

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1716897660443/fe3b9299-ccc6-4734-af06-11b0e1dc31d2.png)

IPS quarantines the danger

IPS stands for Intrusion Prevention System and actively detects dangers to prevent intrusion and takes action on them. The IPS’ process include:

#### INSPECTION & INVESTIGATION

1.  **Inspection**: Includes signature-based inspection and anomaly-based inspection
2.  **Investigation:** Includes analyzing suspicious packets and activities.

#### ACTION

Dnagerous or suspicious packets are quarantined or dropped by the IPS

#### LOGGING AND REPORTING

IPS is able to log and report the data about suspicions.

Both the IPS and the IDS can be combined into one device or even with other devices like routers and firewalls.

Unified Threat Management is an example.

Ids & Ips

Looking to get better at development? 🤝 As a developer, I walk on this fun and challenging journey with you 🤝
