What is the difference between Network Intrusion Prevention Systems (NIPS) and Host Intrusion Prevention Systems (HIPS)?
Network Intrusion Prevention Systems (NIPS) monitor network traffic and look for signs of attacks. They suffer from the same flaws as Intrusion Detection Systems such as being unable to handle large amounts of network traffic and being unable to decode encrypted sessions. In addition, the only source of information available to them is network traffic, which means they cannot prevent local host attacks, control what users do on their computer systems or control unauthorized removals of data (i.e. by means of removable USB drives). Finally, just like firewalls, NIPS might not see the network traffic that belongs to dial-up and VPN sessions. Unlike Network Intrusion Prevention Systems, Ozone is designed to prevent both known and unknown attacks. In addition, since Ozone agents run on the end hosts, they have access to all the information necessary to prevent local host attacks, control malicious users and safeguard all the data.
