Intrusion Prevention

IPS / IDS

  • Intrusion Prevention System (IPS): A security system that monitors network traffic and can actively prevent threats by blocking malicious traffic in real time.
  • Intrusion Detection System (IDS): A security system that monitors network traffic and detects potential threats but does not block or prevent the traffic; it only alerts administrators.

Failure Modes

  • Fail Open: In the event of failure, network traffic is allowed to pass through, maintaining connectivity but potentially exposing the network to threats.
  • Fail Close: In the event of failure, network traffic is blocked, ensuring security but at the risk of disrupting network services.

Device Attributes

  • Active / Inline Monitoring: Monitors and can block traffic instantly as it moves through the network, providing real-time prevention of malicious activity.
  • Passive / Tap Monitoring: Monitors network traffic by receiving copies of the data without being able to block or alter it in real time, making it useful for detection rather than prevention.