In IB Computer Science, students learn that network security requires more than simply blocking traffic or monitoring activity. This is where Intrusion Prevention Systems (IPS) come in. An IPS builds on the ideas behind firewalls and intrusion detection systems by actively stopping attacks in real time.
IB examiners expect students to understand what an IPS does, how it differs from IDS, and why prevention matters.
What Is an Intrusion Prevention System (IPS)?
An Intrusion Prevention System (IPS) is a security system that:
- Monitors network or system activity
- Detects malicious behaviour
- Automatically blocks or stops attacks
Unlike an IDS, which only detects and alerts, an IPS takes direct action when a threat is identified.
In IB terms, an IPS focuses on real-time threat prevention.
How an IPS Works (Conceptually)
An IPS works by:
- Monitoring network traffic or system activity
- Comparing activity to known attack patterns or abnormal behaviour
- Identifying potential threats
- Blocking, rejecting, or terminating suspicious traffic
IB students are not expected to know implementation details, only the logical sequence.
IPS vs IDS: The Key Difference
A common IB comparison:
- IDS
- Detects suspicious activity
- Generates alerts
- Requires human response
