Difference between Firewall and IDS/IPS

Premkumar

Function of the both devices is to secure the internal network from harmfull outside packets..but what is difference between them????

jagadeesan_muthuvel

Firewalls:
In firewall there are two types existing , one is normal firewall which enforces access control rules for inbound and outbound traffic and it works only on network layer.
Whereas there is also a Next gen firewall which comprises of IPS/IDS modules as well as access control feature.

IPS:
IPS inspects the live network packets in inline mode and compare it with its signature database/malicious file hash(this database updates the malicious signatures/file hashes daily from the providers portal). If it matches any malicious signatures, it will block that traffic and generate an event.

IDS:
I will usually take a copy of the network packet and do the analysis, incase of any signature match it will trigger an Event. It will not block the traffic.