Register now or log in to join your professional community.
the different that cx is ASA with ips sensor (FW+ips sensor) but in low throughput
IPS/IDS is standalone appliances
The terms aren't precisely defiend in standards; but in general usage, here is a breakdown:
IPS - Intrusion Prevention System - inspects traffic flowing through a network and is capable of blocking or otherwise remediating flows that it determines are malicious. Usually uses a combination of traffic and file signatures and heuristic analysis of flows.
IDS - Intrusion Detection System - similar to IPS but does not affect flows in any way - only logs or alerts on malicious traffic.
Firewall- prevents or allows traffic between interfaces based on configured rules. Often have a network address translation function to isolate private (RFC 1918) network addresses from public ones. May inspect traffic for conformance with proper protocol behavior and drop non-compliant traffic. Firewalls often have an optional IDS/IPS component based on their usually being placed at the optimal network location to see all interesting traffic that should be subject to further inspection and analysis as is done by IDS/IPS.
Hope this helps.