• An intrusion prevention system (IPS) is a network security instrument (which can be hardware or software) that continuously monitors a network for harmful behaviour and takes action to prevent it, such as reporting, blocking, or dropping it.
• It is more advanced than an intrusion detection system (IDS), which can only detect malicious activity and alert an administrator if it is detected. A next-generation firewall (NGFW) or unified threat management (UTM) solution may incorporate an intrusion prevention system. They, like many other network security systems, must be capable to scanning a large volume of traffic without degrading network performance.

Read More: What is the meaning of threat, vulnerability, and risk?