such as a router or switch. Like an IDS, an IPS does
deep-packet inspection of packets; however, an IPS takes
action immediately if it determines that a packet is
vulnerable. Therefore, only trusted packets are allowed
into the enterprise network.
Figure 14-11 IPS Inline with Traffic
Domain Name System (DNS)
You probably don’t remember a lot of phone numbers
but instead record them in your contacts so that you can
look up a name of a person you want to call. Domain
Name System works quite similarly: It keeps a mapping
of domain names and the IP addresses of the servers
where the domains can be reached. Each device on the
Internet has a unique IP address, and DNS eliminates
the need to memorize any IP addresses that it uses.