| Security is static and should prevent most known attacks on the network. | |
| The self-defending network should be the key point of your security policy. | |
| Integrate security throughout the existing infrastructure. | |
| Upper management is ultimately responsible for policy implementation. |
| They are more vulnerable to evasion techniques than IDS. | |
| They operate in inline mode. | |
| They have no potential impact on the data segment being monitored. | |
| They operate in promiscuous mode. |
| Uses IP logging to send alerts | |
| Implements blocking to stop an attacker | |
| Uses inline mode | |
| Only supports signatures to look for an attack |