Intrusion Prevention Vs Intrusion Detection


Both a network intrusion detection system (NIDS) and a network intrusion prevention system (NIPS) safeguard against intrusions. The major difference is that a NIDS alerts you to the intrusion, while a NIPS tries to block it. An intrusion prevention system can use various methods to find intruders, such as:

Signature based – Looks for traffic on the network that matches known signatures

Anomaly based – Looks for deviations from the baseline

Behavior based – If a user displays certain behaviors, the IPS is alerted

Heuristic based – This type of IPS is intelligent and uses AI to determine what is and is not an intrusion.

An IPS will sometimes flag activity as an intrusion when it is in fact not one (a false positive). To prevent this, ensure the IPS is always kept up to date.
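The following Python sketch is an added example, not part of the original page. It runs the same signature-based and anomaly-based checks in detection (NIDS) mode and in prevention (NIPS) mode, and shows a benign backup job turning into a false positive. The signatures, baseline figures and events are all constructed for illustration.

```python
import re
from statistics import mean, pstdev

# Constructed signature set (illustrative patterns, not a real ruleset).
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./\.\./"),
    "sql-tautology": re.compile(r"'\s*or\s+1=1", re.I),
}

# Constructed baseline: requests per minute from one client in normal use.
BASELINE_RPM = [18, 22, 20, 19, 21, 20, 23, 17]

def signature_hits(payload):
    """Signature based: names of known patterns found in the payload."""
    return [name for name, rx in SIGNATURES.items() if rx.search(payload)]

def is_anomalous(rpm, baseline=BASELINE_RPM, k=3.0):
    """Anomaly based: rate is more than k standard deviations above baseline."""
    return rpm > mean(baseline) + k * pstdev(baseline)

def inspect(event, mode):
    """mode='ids' alerts and forwards; mode='ips' alerts and drops."""
    reasons = signature_hits(event["payload"])
    if is_anomalous(event["rpm"]):
        reasons.append("rate-anomaly")
    if not reasons:
        return {"action": "forward", "alerts": []}
    action = "drop" if mode == "ips" else "forward"
    return {"action": action, "alerts": reasons}

# Constructed sample events.
EVENTS = [
    {"id": "normal", "rpm": 20, "payload": "GET /index.html"},
    {"id": "attack", "rpm": 21, "payload": "GET /../../etc/passwd"},
    # Legitimate nightly backup: benign, but far above the baseline rate.
    {"id": "backup", "rpm": 90, "payload": "PUT /backup/archive.tar"},
]

def run(mode):
    """Inspect every sample event in the given mode, keyed by event id."""
    return {e["id"]: inspect(e, mode) for e in EVENTS}

if __name__ == "__main__":
    for mode in ("ids", "ips"):
        for eid, verdict in run(mode).items():
            print(mode, eid, verdict)
```

In "ids" mode the backup job only produces an alert to review; in "ips" mode the same false positive drops legitimate traffic, which is why the baseline and signatures have to be kept current.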

