# Best Intrusion Detection and Prevention Systems (IDPS) - Page 3

*By [Lauren Worth](https://research.g2.com/insights/author/lauren-worth)*


Intrusion detection and prevention systems (IDPS) are used to inform IT administrators and security staff of anomalies and attacks on IT infrastructure and applications. These tools detect malware, socially engineered attacks, and other web-based threats. IDPS also provide preemptive intrusion prevention capabilities for internal threats and potentially compromised systems.

Intrusion detection and prevention systems monitor systems for abnormal behavior and potential vulnerabilities that can leave a business susceptible to cyberattacks. Companies choose to adopt these to protect their sensitive business information and ensure their computing infrastructure performs as needed.

Some next-generation [firewall software](https://www.g2.com/categories/firewall) offer intrusion detection and prevention capabilities. But the main functionality of firewall tools will be controlling network access, rather than monitoring network behavior.

To qualify for inclusion in the Intrusion Detection and Prevention Systems (IDPS) category, a product must:

- Monitor IT systems for abnormal behavior and misuse
- Inform administrators of abnormal protocol activity
- Monitor the performance of IT hardware and security components
- Provide blocking mechanisms for web-based threats






## G2 Grid® for Intrusion Detection and Prevention Systems (IDPS)
![G2 Grid® for Intrusion Detection and Prevention Systems (IDPS) plotting products by satisfaction and market presence](https://www.g2.com/categories/intrusion-detection-and-prevention-systems-idps/grids.png?focus%5B%5D=1066&focus%5B%5D=88784&focus%5B%5D=71392&focus%5B%5D=1386549&focus%5B%5D=58203&focus%5B%5D=155622&focus%5B%5D=88524&focus%5B%5D=55529)
Highlighted products: Palo Alto Networks Next-Generation Firewalls, Palo Alto Networks VM-Series Virtual Firewall, Check Point Quantum Intrusion Prevention System (IPS), Cloud-Delivered Security Services, Check Point Infinity Platform, threatER, FortiGate IPS, and TrendAI Vision One - Cloud Security.
Underlying data: [Grid® JSON](https://www.g2.com/categories/intrusion-detection-and-prevention-systems-idps/grids.json?focus%5B%5D=palo-alto-networks-next-generation-firewalls&amp;focus%5B%5D=palo-alto-networks-vm-series-virtual-firewall&amp;focus%5B%5D=check-point-quantum-intrusion-prevention-system-ips&amp;focus%5B%5D=cloud-delivered-security-services&amp;focus%5B%5D=check-point-infinity-platform&amp;focus%5B%5D=threater&amp;focus%5B%5D=fortigate-ips&amp;focus%5B%5D=trendai-vision-one-cloud-security)


## How Many Intrusion Detection and Prevention Systems (IDPS) Products Does G2 Track?
**Total Products under this Category:** 63

### Category Stats (Jul 2026)
- **Average Rating**: 4.4/5 The average rating of products in this category, based on all submitted ratings
- **Top Trending Product**: Darktrace / NETWORK (+0.29%) - Among all products in this category, Darktrace / NETWORK recorded the largest rating increase compared to last month
*Last updated: July 10, 2026*


## How Does G2 Rank Intrusion Detection and Prevention Systems (IDPS) Products?

**Why You Can Trust G2's Software Rankings:**

- 30 Analysts and Data Experts
- 1,700+ Authentic Reviews
- 63+ Products
- Unbiased Rankings

G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category.


## Which Intrusion Detection and Prevention Systems (IDPS) Is Best for Your Use Case?

- **Leader:** [Palo Alto Networks Next-Generation Firewalls](https://www.g2.com/products/palo-alto-networks-next-generation-firewalls/reviews)
- **Highest Performer:** [threatER](https://www.g2.com/products/threater/reviews)
- **Easiest to Use:** [threatER](https://www.g2.com/products/threater/reviews)
- **Top Trending:** [Palo Alto Networks VM-Series Virtual Firewall](https://www.g2.com/products/palo-alto-networks-vm-series-virtual-firewall/reviews)
- **Best Free Software:** [CrowdSec](https://www.g2.com/products/crowdsec/reviews)


---

**Sponsored**

### FortiGate-VM NGFW

FortiGate-VM is a virtual firewall solution designed to help users secure their cloud environments and on-premises networks. As a next-generation firewall developed by Fortinet, FortiGate-VM integrates advanced security features with the flexibility of virtualization, making it suitable for deployment in various public and private cloud infrastructures. This solution is particularly beneficial for organizations looking to enhance their cybersecurity posture while leveraging the scalability and efficiency of cloud technologies. Targeted at enterprises and organizations of all sizes, FortiGate-VM is ideal for IT security teams that require robust protection against increasingly sophisticated cyber threats. Its deployment across diverse environments allows businesses to maintain consistent security policies and practices, regardless of whether their infrastructure is on-premises, in the cloud, or a hybrid of both. Specific use cases include protecting sensitive data in cloud applications, securing remote access for employees, SD-WAN, and ensuring compliance with industry regulations. One of the key features of FortiGate-VM is its AI-powered threat intelligence. FortiGuard utilizes machine learning algorithms to analyze vast amounts of data, enabling the identification of emerging threats in real time. This proactive approach to threat detection ensures that organizations can respond swiftly to potential vulnerabilities before they can be exploited. Additionally, the behavioral analysis capabilities of FortiGate-VM allow for the identification of anomalous activities, further enhancing its ability to mitigate risks associated with cyberattacks. FortiGate-VM stands out in the virtual firewall category due to its seamless integration with existing Fortinet security solutions, providing a comprehensive security architecture. The solution offers advanced features such as intrusion prevention, web filtering, and application control, all of which contribute to a multi-layered defense strategy. Furthermore, its scalability allows organizations to easily adjust their security resources in response to changing business needs, ensuring that they remain protected as they grow. FortiGate-VM delivers unmatched security and value, making it a vital component for organizations seeking to fortify their defenses against the evolving landscape of cyber threats. Its combination of advanced threat protection, AI-driven insights, and flexible deployment options positions it as a critical tool for maintaining a secure and resilient network environment.



[Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&amp;secure%5Bad_slot%5D=category_product_list&amp;secure%5Bcategory_id%5D=1663&amp;secure%5Bchosen_at%5D=2026-07-10T21%3A13%3A00Z&amp;secure%5Bdisplayable_resource_id%5D=73&amp;secure%5Bdisplayable_resource_type%5D=Category&amp;secure%5Bmedium%5D=sponsored&amp;secure%5Bplacement_reason%5D=neighbor_category&amp;secure%5Bplacement_resource_ids%5D%5B%5D=73&amp;secure%5Bprioritized%5D=false&amp;secure%5Bproduct_id%5D=40399&amp;secure%5Bresource_id%5D=1663&amp;secure%5Bresource_type%5D=Category&amp;secure%5Bsource_type%5D=category_page&amp;secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fintrusion-detection-and-prevention-systems-idps&amp;secure%5Btoken%5D=eb1b568b2f0adf2607c3ce26761d22a27ca8e8459f8f99c165751f6035fc2374&amp;secure%5Burl%5D=https%3A%2F%2Fvm.fortigate.com%2F%3Futm_source%3Dg2%26utm_medium%3Dcpc%26utm_id%3Ddirect-publisher&amp;secure%5Burl_type%5D=custom_url)

---

## What Are the Top-Rated Intrusion Detection and Prevention Systems (IDPS) Products in 2026?
### 1. [eScan Enterprise EDR (with Neural Intelligence AI/ML Defense)](https://www.g2.com/products/escan-enterprise-edr-with-neural-intelligence-ai-ml-defense/reviews)
Your network security is as strong as your least secure endpoint. Even a single endpoint left unsecured will increase your network’s vulnerability. To strengthen your network security, you need to secure each and every endpoint. And only via this way, you can reduce cyberattack risks. A cybercriminal uses following ways to conduct a cyberattack: Launch scripts and executables that download malicious payload or run other malicious programs Run malignant scripts without user’s knowledge in the background Make a program violate its rights and escalate permissions for suspicious activities If unruly behavior is observed across genuine programs, they are assumed malicious as they can get manipulated by malware. In such situations, Boundary Protection Rules can contain all the threats and strengthen your network’s safety. You can use the Safety Check/Audit Mode to analyse how the Boundary Protection Rules (surface attack detection) can improve your network security, if enabled. To ensure your network isn’t jeopardized, always audit events generated by Boundary Protection Rules. This way you can understand how all of your applications are getting affected. Not all genuine applications are developed with maximum security concerns and may appear as if they are executing the same behaviour as malware. By observing the Safety Check Report, you can add security exclusions for genuine applications and apply Boundary Protection Rules to your network, without slowing down endpoint performance. Whenever a boundary protection rule is violated, an alert will be sent to the administrator. You can configure the Alert Settings for multiple recipients, as per your requirements. To ensure maximum protection, you need to deploy a full eScan Enterprise EDR license, which lets you use full capabilities of EDR including Monitoring, Statistics, and workflows available in the eScan Enterprise EDR. The eScan dashboard will display complete EDR activity across your network. You can also download and export the EDR reports to observe actions taken by Boundary Protection Rules.



**Who Is the Company Behind eScan Enterprise EDR (with Neural Intelligence AI/ML Defense)?**

- **Seller:** [MicroWorld Technologies](https://www.g2.com/sellers/microworld-technologies)
- **Year Founded:** 1993
- **HQ Location:** Mumbai, Maharashtra
- **Twitter:** @eScanAV (51 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/microworld-technologies-inc (192 employees on LinkedIn®)






### 2. [Exit Point Manager for IBM i](https://www.g2.com/products/exit-point-manager-for-ibm-i/reviews)
A Key Part of Fortra (the new face of HelpSystems) Powertech is proud to be part of Fortra’s comprehensive cybersecurity portfolio. Fortra simplifies today’s complex cybersecurity landscape by bringing complementary products together to solve problems in innovative ways. These integrated, scalable solutions address the fast-changing challenges you face in safeguarding your organization. With the help of the powerful protection from Exit Point Manager for IBMI i and others, Fortra is your relentless ally, here for you every step of the way throughout your cybersecurity journey.



**Who Is the Company Behind Exit Point Manager for IBM i?**

- **Seller:** [Fortra](https://www.g2.com/sellers/fortra)
- **Year Founded:** 1982
- **HQ Location:** Eden Prairie, Minnesota
- **Twitter:** @fortraofficial (2,773 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/fortra (1,755 employees on LinkedIn®)






### 3. [Fortinet IPS Rules for AWS Network Firewall](https://www.g2.com/products/fortinet-ips-rules-for-aws-network-firewall/reviews)
Fortinet Managed IPS Rules for AWS Network Firewall, powered by FortiGuard AI-Powered Security Services, provides AWS customers with advanced, continuously updated intrusion prevention capabilities without requiring additional infrastructure or management overhead. This managed rule service extends Fortinet’s industry-leading threat intelligence and protection directly into AWS Network Firewall environments, helping organizations automatically block exploits, malware, and command-and-control activity at scale. Available on AWS Marketplace. For more information, visit https://vm.fortigate.com/aws/ips-rules.



**Who Is the Company Behind Fortinet IPS Rules for AWS Network Firewall?**

- **Seller:** [Fortinet](https://www.g2.com/sellers/fortinet)
- **Year Founded:** 2000
- **HQ Location:** Sunnyvale, CA
- **Twitter:** @Fortinet (151,422 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/6460/ (16,279 employees on LinkedIn®)
- **Ownership:** NASDAQ: FTNT






### 4. [NSFocus NGIPS](https://www.g2.com/products/nsfocus-ngips/reviews)
The NSFOCUS Next Generation Intrusion Prevention System (NGIPS) provides advanced multi-stage AI analysis for detection and mitigation of tomorrow and beyond unknown and zero-day advanced persistent threats (APTs).



**Who Is the Company Behind NSFocus NGIPS?**

- **Seller:** [NSFOCUS](https://www.g2.com/sellers/nsfocus)
- **Year Founded:** 2000
- **HQ Location:** Santa Clara, US
- **Twitter:** @NSFOCUS_Intl (1,131 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/nsfocus (505 employees on LinkedIn®)






### 5. [Orbit Intrustion Detection System](https://www.g2.com/products/orbit-intrustion-detection-system/reviews)
Orbit™ Intrusion Detection is a hardened Intrusion Detection System - that will assist you in seeing what traffic is going on inside or outside your network



**Who Is the Company Behind Orbit Intrustion Detection System?**

- **Seller:** [Central Service Association](https://www.g2.com/sellers/central-service-association)
- **Year Founded:** 1937
- **HQ Location:** Tupelo, US
- **LinkedIn® Page:** https://www.linkedin.com/company/central-service-association (122 employees on LinkedIn®)






### 6. [Powertech Exit Point Manager for IBM i](https://www.g2.com/products/powertech-exit-point-manager-for-ibm-i/reviews)
Meet HelpSysA Key Part of Fortra (the new face of HelpSystems) Powertech is proud to be part of Fortra’s comprehensive cybersecurity portfolio. Fortra simplifies today’s complex cybersecurity landscape by bringing complementary products together to solve problems in innovative ways. These integrated, scalable solutions address the fast-changing challenges you face in safeguarding your organization. With the help of the powerful protection from Powertech Exit Point Manager for IBM i and others, Fortra is your relentless ally, here for you every step of the way throughout your cybersecurity journey.



**Who Is the Company Behind Powertech Exit Point Manager for IBM i?**

- **Seller:** [Fortra](https://www.g2.com/sellers/fortra)
- **Year Founded:** 1982
- **HQ Location:** Eden Prairie, Minnesota
- **Twitter:** @fortraofficial (2,773 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/fortra (1,755 employees on LinkedIn®)

**Who Uses This Product?**
- **Company Size:** 100% Enterprise





### 7. [RazorSecure](https://www.g2.com/products/razorsecure/reviews)
Cyber security software for remote assets and small scale networks. RazorSecure Active Protection System provides continuous threat monitoring and active defence strategy for trains, buses, planes, trucks and cars.



**Who Is the Company Behind RazorSecure?**

- **Seller:** [RazorSecure](https://www.g2.com/sellers/razorsecure)
- **Year Founded:** 2014
- **HQ Location:** Basingstoke, GB
- **LinkedIn® Page:** https://www.linkedin.com/company/15090529 (25 employees on LinkedIn®)






### 8. [Sandfly Security](https://www.g2.com/products/sandfly-security/reviews)
Sandfly Security offers an agentless Linux Endpoint Detection and Response (EDR platform designed to provide comprehensive protection across a wide range of Linux systems, from modern cloud deployments to legacy and embedded devices. By eliminating the need for endpoint agents, Sandfly ensures minimal performance impact and enhanced system stability. Its features include advanced threat detection, SSH key and password monitoring, drift detection, and seamless integration with existing security infrastructures. Sandfly&#39;s solution addresses the challenges of securing diverse Linux environments by offering instant deployment, broad compatibility, and proactive threat hunting capabilities. Key Features and Functionality: - Agentless Deployment: Provides security without installing agents on endpoints, ensuring system performance and stability. - Advanced Threat Detection: Targets attack tactics rather than relying solely on signature-based methods. - SSH Key and Password Monitoring: Tracks SSH credentials and audits for weak passwords to prevent unauthorized access. - Drift Detection: Alerts users to unauthorized changes on any Linux system, enhancing security posture. - Seamless Integration: Integrates with existing security stacks, including SIEMs, SOARs, and ticketing systems. Primary Value and Problem Solved: Sandfly Security addresses the critical need for effective Linux system protection without the drawbacks of traditional agent-based solutions. By offering an agentless approach, it ensures compatibility across various Linux distributions and architectures, minimizes performance impacts, and simplifies deployment. This solution empowers organizations to detect and respond to threats swiftly, safeguarding critical infrastructure and sensitive data.



**Who Is the Company Behind Sandfly Security?**

- **Seller:** [Sandfly Security](https://www.g2.com/sellers/sandfly-security)
- **Year Founded:** 2017
- **HQ Location:** Christchurch, NZ
- **LinkedIn® Page:** https://nz.linkedin.com/company/sandfly (14 employees on LinkedIn®)






### 9. [SNOK](https://www.g2.com/products/snok/reviews)
Industrial cybersecurity. Secure-NOK provides innovative solutions to solve Industrial Cybersecurity needs.



**Who Is the Company Behind SNOK?**

- **Seller:** [SecureNok](https://www.g2.com/sellers/securenok)
- **Year Founded:** 2010
- **HQ Location:** Sandnes, NO
- **Twitter:** @securenok (71 Twitter followers)
- **LinkedIn® Page:** http://www.linkedin.com/company/securenok-ltd- (17 employees on LinkedIn®)






### 10. [suricata](https://www.g2.com/products/suricata/reviews)
Suricata is a free and open source, mature, fast and robust network threat detection engine.



**Who Is the Company Behind suricata?**

- **Seller:** [suricata](https://www.g2.com/sellers/suricata)
- **HQ Location:** N/A
- **LinkedIn® Page:** https://www.linkedin.com/company/No-Linkedin-Presence-Added-Intentionally-By-DataOps (1 employees on LinkedIn®)






### 11. [Syspeace](https://www.g2.com/products/syspeace/reviews)
Syspeace is an intrusion detection and prevention system against brute force attacks on Microsoft Windows Servers. Syspeace is an intrusion protection software which most can afford regardless of business size, as well as easy to use regardless of computer experience. Syspeace is made for you, with the safety of every type of business in mind.



**Who Is the Company Behind Syspeace?**

- **Seller:** [Syspeace](https://www.g2.com/sellers/syspeace)
- **Year Founded:** 2012
- **HQ Location:** Stockholm, SE
- **Twitter:** @syspeace (229 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/syspeace/?originalSubdomain=se (1 employees on LinkedIn®)






### 12. [Venusense Intrusion Prevention and Management System (IPS)](https://www.g2.com/products/venusense-intrusion-prevention-and-management-system-ips/reviews)
Venusense intrusion prevention system (IPS) can recognize and block attacks and viruses, such as the Web attack, worm, spy software, Trojan, overflow attack, database attack, advanced threat attack, and brute-force, which make up the deficiencies of deep prevention at the network layer.



**Who Is the Company Behind Venusense Intrusion Prevention and Management System (IPS)?**

- **Seller:** [Venustech](https://www.g2.com/sellers/venustech)
- **Year Founded:** 1996
- **HQ Location:** N/A
- **LinkedIn® Page:** https://www.linkedin.com/company/2282290 (447 employees on LinkedIn®)






### 13. [Zscaler Zero Trust Firewall](https://www.g2.com/products/zscaler-zero-trust-firewall/reviews)
Zscaler Zero Trust Firewall is a cloud-delivered security solution that extends firewall protection to all users, devices, and locations by implementing Zero Trust principles. Unlike traditional firewalls, this solution does not rely on physical appliances or network boundaries—instead, it integrates into the Zscaler Zero Trust Exchange, providing advanced, identity-based traffic filtering and protection for modern cloud and hybrid environments. This globally distributed firewall provides comprehensive Layer 7 inspection, enabling granular control, deep visibility, and real-time threat prevention across all internet and application traffic. By enforcing dynamic policies based on user identity, device posture, location, and context, Zscaler Zero Trust Firewall secures connections while eliminating risks like lateral movement and network exposure. Key Features and Benefits: • Cloud-Delivered Scalability: Provides enterprise-grade firewall protection without the limitations of legacy appliance-based firewalls. • Zero Trust Architecture: Enforces strict user and application segmentation to minimize the attack surface. • Layer 7 Inspection: Offers deep packet inspection to identify and block malicious application and internet traffic. • Integrated Threat Prevention: Leverages advanced security tools like intrusion detection/prevention (IDPS) and sandboxing to block sophisticated threats. • Dynamic Policies: Adapts access permissions and filtering rules based on identity, device posture, and real-time risk assessment. • Simplified Management: Reduces complexity with centralized cloud-based policy enforcement across global deployments. Designed for modern enterprises embracing digital transformation, Zscaler Zero Trust Firewall delivers robust, scalable security that protects users and applications seamlessly, wherever work happens. This solution is trusted by organizations worldwide to ensure safe connectivity while aligning with Zero Trust security strategies.&quot;



**Who Is the Company Behind Zscaler Zero Trust Firewall?**

- **Seller:** [Zscaler](https://www.g2.com/sellers/zscaler)
- **Year Founded:** 2008
- **HQ Location:** San Jose, California
- **Twitter:** @zscaler (17,676 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/234625/ (8,830 employees on LinkedIn®)
- **Ownership:** NASDAQ:ZS







## What Is Intrusion Detection and Prevention Systems (IDPS)?

[Network Security Software](https://www.g2.com/categories/network-security)

## What Software Categories Are Similar to Intrusion Detection and Prevention Systems (IDPS)?

- [Firewall Software](https://www.g2.com/categories/firewall-software)
- [Network Traffic Analysis (NTA) Software](https://www.g2.com/categories/network-traffic-analysis-nta)
- [Network Detection and Response (NDR) Software](https://www.g2.com/categories/network-detection-and-response-ndr)



