Intrusion Detection Systems (IDS) or Intrusion Prevention Systems (IPS) are used to detect & prevent attacks in real-time.However, if they are not configured properly they may be of no use. Further the events reported by these devices need to be monitored by analysts on a continuous basis.
While it is common practice to defend against attacks by inspecting traffic at data centers. And corporate headquarters, blocking malicious traffic at the branch office is also critical. Deploying router-based threat control at the branch, small business, or home office also. It enables those locations to drop offending traffic as needed, stopping attacks at their point of entry.
Cisco IOS Intrusion Prevention System (IPS) is an inline, deep-packet inspection feature that effectively mitigates a wide range of network attacks. A component of the Cisco IOS Integrated Threat Control framework and complemented by Cisco IOS Flexible Packet Matching feature, Cisco IOS IPS provides your network with the intelligence to accurately identify, classify, and stop or block malicious traffic in real time completely.