In modern cybersecurity, there are two major types of devices for protecting the edge: intrusion detection systems (IDS) and intrusion prevention systems (IPS). An IPS sits in-line, in a network, and touches on each packet to and from the Internet. It provides protection by inspecting packets and forwarding or dropping the packets based on pre-configured, static rules (i.e. signature matching). An IDS, on the other hand, will not be able to touch any packets, it only sniffs the packet for detection, based on signatures as well, and then generates an alert for the administrator to investigate. Given this difference in defensive capability, an IPS sounds like a better tool than an IDS. If that is the actual case, then why isn’t it deployed as widely, or more widely, than an IDS?