Intrusion detection and prevention system (IDPS)

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

Abbreviation(s) and Synonym(s):

Definition(s):

Software that automates the process of monitoring the events occurring in a computer system or network and analyzing them for signs of possible incidents and attempting to stop detected possible incidents.
Source(s):
NIST SP 800-137 under Intrusion Detection and Prevention System (IDPS) NISTIR 7298
NIST SP 800-61 Rev. 2 under Intrusion Detection and Prevention System (IDPS)
NISTIR 7621 Rev. 1 under Intrusion Detection / Prevention System NIST SP 800-61 Rev. 2

An appliance or software product that provides complementary security services to a personal firewall, monitoring and analyzing the internal state of a client device. IDPS products review logs to ensure that the system and applications are not functioning unexpectedly, such as applications inexplicably accessing or altering other portions of the system. Several host-based IDPS software products also monitor inbound and outbound network communications and report or possibly block suspicious activity.
Source(s):
NIST SP 800-127 [Withdrawn]

Glossary Comments

Comments about specific definitions should be sent to the authors of the linked Source publication. For NIST publications, an email is usually found within the document.

Comments about the glossary's presentation and functionality should be sent to secglossary@nist.gov.

See NISTIR 7298 Rev. 3 for additional details.

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

Computer Security Resource Center

Computer Security Resource Center

Intrusion detection and prevention system (IDPS)

Glossary Comments