On behalf of Razmik-
I was under the impression that IPS is always in band since it should be able to prevent or apply countermeasures. And IDS is always out of band since all it has to do is to detect and alert?
To Razmik-
The terms in band and out of band are normally terms used with the management of the devices.
In band typically refers to management of devices that are used on the same IP network it is used on. For example, I might use ssh to access the device from the data network it is used on.
Out of Band normally is a dedicated management access in which there is no other data besides management data. For example, on a Dell server, there is a DRAC (Dell Remote Access Controller) which is not on the same data network as our data.
The functionality of a network device like an IPS or IDS is referred to as in line or not in-line.
IPS are inline because they are examining every packet while it is moving across the network. They inspect, perform a deny or permit, log and alert.
IDS examine a COPY of the traffic, while the traffic continues towards its destination. They only receive a copy and alert and log based on the copy.
Others may chime in and give you a better answer!
Cordially,
Ronnie Wong
Edutainer Manager, ACI Learning [ITPRO]
*if the post has answered the question, mark as solved.
**All "answers" and responses are offered "as is" and my opinion. There is no implied service, support, or guarantee by ITProTV.