How does an Intrusion Prevention System (IPS) differ from an Intrusion Detection System (IDS)?

An Intrusion Prevention System (IPS) is designed to not only detect potential threats but also actively prevent them from causing harm to a network or system. This functionality allows the IPS to take immediate action against detected threats, such as blocking malicious traffic or terminating malicious sessions in real-time.

In contrast, an Intrusion Detection System (IDS) is primarily focused on monitoring and analyzing network traffic for signs of suspicious activity. It generates alerts when potential threats are detected but does not take any automated preventive measures against these threats.

Thus, the defining characteristic of an IPS is its capability to actively respond to threats, which distinguishes it from an IDS that has a more passive role.