new notes

areas/OPNsense/Initial-Notes/OPNsense_IDS-and-IPS.md

@@ -0,0 +1,4 @@
+## Introduction
+
+An _Intrusion Detection System_ (IDS) watches network traffic for suspicious patterns and can alert operators when a pattern matches a database of known behaviors.
+An _Intrusion Prevention System_ (IPS) goes a step further by inspecting each packet as it traverses a network interface to determine if the packet is suspicious in some way. If it matches a known pattern the system can drop the packet in an attempt to mitigate a threat.