IDS/IPS (Intrusion Detection/Prevention System)
Definition
An IDS detects suspicious activities in a network and raises an alert. An IPS goes a step further and automatically blocks the suspicious activity.
IDS and IPS monitor network traffic for patterns indicating attacks: known attack signatures, anomalous behavior, and protocol anomalies.
Difference: IDS is passive (detects and reports), IPS is active (detects and blocks). Modern Next-Generation Firewalls often include IPS functionality.