How intrusion prevention works
|Article:HOWTO54837|||||Created: 2011-06-29|||||Updated: 2011-12-20|||||Article URL http://www.symantec.com/docs/HOWTO54837|
Intrusion prevention automatically detects and blocks network attacks and attacks on browsers. Intrusion prevention is the second layer of defense after the firewall to protect client computers. Intrusion prevention is sometimes called the intrusion prevention system (IPS).
Intrusion prevention intercepts data at the network layer. It uses signatures to scan packets or streams of packets. It scans each packet individually by looking for the patterns that correspond to network or browser attacks. Intrusion prevention uses signatures to detect attacks on operating system components and the application layer.
Article URL http://www.symantec.com/docs/HOWTO54837