Enhancing network connectivity

Optimizing network performance

Improving network scalability

Identifying specific types of malicious or suspicious network traffic

Regular expressions, protocol fields, packet contents, or combinations thereof

Special characters only

Numerical values only

Alphabetic characters only

Signature-based

Heuristic-based

Syntax-based

Behavior-based

Increase false positives and maintain performance

Ignore false positives and decrease performance

Maximize false positives and reduce performance

Minimize false positives and optimize performance

Blocking or dropping packets, resetting connections, rate-limiting or throttling, alerting and logging

Blocking or dropping packets, allowing all traffic, rate-limiting or throttling, alerting and logging

Blocking or dropping packets, resetting connections, allowing all traffic, alerting and logging

Allowing all traffic, resetting connections, rate-limiting or throttling, alerting and logging

Limiting the capabilities of IPS to local threat intelligence only

Enhancing the effectiveness of IPS by leveraging global threat intelligence

Reducing the effectiveness of IPS by ignoring global threat intelligence

Isolating IPS from global threat intelligence

Slows down the response to emerging threats

Reduces the number of legitimate alerts

Increases false positives

Enables IPS devices to identify and block previously unknown threats