cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2029
Views
0
Helpful
3
Replies

What is the different between End-point IPS and Network IPS?

Reshma Raje
Level 1
Level 1

What is the different between End-point IPS and Network IPS?

3 Replies 3

yogdhanu
Cisco Employee
Cisco Employee

As the name suggests, its mostly a security software installed on endpoint which is a PC and network IPS is something which works at network level with firewall etc.

You might be referring to endpoint AMP (FireAMP) which works on individual PC and network AMP which works at network level on traffic passing through firepower devices.

Thanks

Yogesh

Basic difference understood... But what type of vulnerabilities are covered separately by each of these devices? And do they work in sync with each other? From where can I get all this basic information?

Network-based and Host-based IPS complement each other. Since many threats cannot be detected by scanning only the network stream, additional security on the endpoint is very important. Take ransomware for example. The file could be morphed so IPS will not detect the file by its hash but host-based ips will be able to determine it is indeed a threat by analyzing the process behaviour.

As to where you can get this "basic" information... Google. There are many books, blog posts and opensource products like snort (which is also used in Cisco Firepower) that can help you get started.

Review Cisco Networking for a $25 gift card