Security Basics mailing list archives

RE: IPS vs application firewall

From: "David Gillett" <gillettdavid () fhda edu>
Date: Wed, 15 Nov 2006 17:35:21 -0800

  A firewall is always an inline device; usually, it functions as
a gateway in addition to its policy enforcement duties.  One 
consequence is that it imposes a certain overhead on even "good"
traffic.  The firewall rulebase is generally pretty static (except
for a "stateful" element).
  An IPS frequently links one or more sensors, frequently not
inline, with a dynamic inline filter that is activated to block 
specific live traffic.  Distributing the detection out of line
and activating only filters currently needed can improve both
flexibility and performance of the solution.

David Gillett

-----Original Message-----
From: listbounce () securityfocus com 
[mailto:listbounce () securityfocus com] On Behalf Of krymson () gmail com
Sent: Wednesday, November 15, 2006 12:35 PM
To: security-basics () securityfocus com
Subject: IPS vs application firewall

This question came up and I'm unable to really answer this. 
What is the difference between an IPS (an active IDS, really) 
and an application firewall or a web application firewall?

--------------------------------------------------------------
-------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE 
The NSA has designated Norwich University a center of 
Academic Excellence in Information Security. Our program 
offers unparalleled Infosec management education and the case 
study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this 
esteemed degree, without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
--------------------------------------------------------------
-------------



---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

Current thread:

IPS vs application firewall krymson (Nov 15)
- RE: IPS vs application firewall David Gillett (Nov 16)
- Re: IPS vs application firewall crazy frog crazy frog (Nov 16)
- Re: IPS vs application firewall Gaizka Isusquiza (Nov 16)