Home »
Cyber Security
How is an Intrusion Detection System different from a firewall?
By Deepak Dutt Mishra, on November 20, 2018
Intrusion Detection System
As we have already discussed that "Intrusion Detection Systems (IDS's)" are defined to be as such specially designed security software used for the purpose of detecting and informing the users and administrators about the various intrusion attacks that could be undertaken by any individual, group of individuals or organisation undertaking any malicious activity or violating security policies using computer systems against their target computer systems or computer systems which ultimately help them to attack their intended individuals or organisations.
On the other hand, when we take in the consideration of "Firewall's" they are defined as -
Firewall
"A Firewall is network security system or security software whose functionality is to maintain the security of private networks by the means of monitoring and controlling the network traffic (both incoming and outgoing) under some predefined security standards."
The Firewall acts as a barrier between trusted and untrusted computer networks like the Internet. It usually blocks unauthorized accesses i.e. intrusions to or from networks. The implementation and operation of Firewalls can be undertaken using software, hardware or combination of software and hardware.
Difference between Intrusion Detection Systems (IDS) and Firewalls
Now, we turn our attention to some key difference amongst Intrusion Detection Systems (IDS) and Firewalls:
Sr. No. |
Intrusion Detection System (IDS) |
Firewall |
1) |
Intrusion Detection System is software installed in a computer system to detect and report intrusion attempts. |
Firewall is network security software which blocks unauthorised accesses by other malicious networks and permits other networks. |
2) |
Intrusion Detection System as suggested by their names can only detect intrusion but cannot do anything to stop it. |
Firewalls can effectively block any malicious or unauthorised network access right away. |
3) |
Intrusion Detection Systems can effectively provide internal security by collection of information and analysis of security issues to provide better security. |
Firewall does not have the ability to detect and analyse security issues in the network. |
4) |
Intrusion Detection Systems can have a check to overall contents of a network. |
Firewall cannot keep check for the content of a network. |
5) |
Intrusion Detection System requires the presence of an administrator or users due to the fact that it has to send the report to them. |
Firewall does not require any administrator or user to function. |
6) |
It is usually tough for attackers to spot Intrusion Detection Systems due to the fact that they can be operated in stealth mode. |
Firewalls being the outer most part in the networking of computers are mostly visible thus, easy to fool by attackers. |
7) |
Intrusion Detection System detects intrusion after it happens and signals the user. |
Firewall tends to stop intrusion from happening. |