<div>
You're dealing with apples, oranges and bananas here<br />
<br />
A firewall will block/allow traffic based on network information such as IP address, network port and network protocol. <br />
<br />
An IPS (Intrusion Prevention System) &nbsp;will &nbsp;analyze whole packets, both header and payload, looking for known event and be able to drop, alert, or potentially clean a malicious network request based on that content. The determination of what is malicious is based either on behavior analysis or through the use of signatures.<br />
<br />
An IDS (Intrusion Detection System) A scaled down IPS that only reports events.<br />
<br />
An IDS/IPS is only as good as its signatures with hopefully no false positives and no false negatives (wishful thinking)<br />
<br />
Is GPG8 this <a href="https://www.gov.uk/service-manual/making-software/information-security.html" rel="ugc">https://www.gov.uk/service-manual/making-software/information-security.html</a>, if not what is &nbsp;it.
</div>


<div>
Many Thanks for the correspondence in relation to my question, i have found this forum very helpful. Gray
</div>


<div>
<div class="content wysiwyg-content">
Hi community,<br />
<br />
I would like to document a generic set of minimum functional requirements when implementing IPS/IDS and Firewall technologies for network teams to follow. Any design solutions would also take into consideration customer contract obligation's &nbsp;if they have been specified. The problem often encountered is when customer IPS/IDS contractual obligations are not specified but simply state it is a requirement. As a result I'm often asked what are the minimum baseline requirements? <br />
<br />
I've reviewed GPG8, but again didn't really find anything specifically aimed at minimum functional requirements. Some of the premium brands such as FireEye and AlienVault offer solutions available when their products are purchased which is fine but I would like to be able to perform cross platform analysis regardless of the vendor.<br />
<br />
Does anyone else have a similar situation or able to offer any minimum IPS/IDS design requirements? Any feedback would be gratefully received.<br />
<br />
Many Thanks - Gray
</div>
</div>


Hi community,

I would like to document a generic set of minimum functional requirements when implementing IPS/IDS and Firewall technologies for network teams to follow. Any design solutions would also take into consideration customer contract obligation's  if they have been specified. The problem often encountered is when customer IPS/IDS contractual obligations are not specified but simply state it is a requirement. As a result I'm often asked what are the minimum baseline requirements? 

I've reviewed GPG8, but again didn't really find anything specifically aimed at minimum functional requirements. Some of the premium brands such as FireEye and AlienVault offer solutions available when their products are purchased which is fine but I would like to be able to perform cross platform analysis regardless of the vendor.

Does anyone else have a similar situation or able to offer any minimum IPS/IDS design requirements? Any feedback would be gratefully received.

Many Thanks - Gray

IPS/IDS

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.