# Best Intrusion Detection and Prevention Systems (IDPS) - Page 3

*By [Lauren Worth](https://research.g2.com/insights/author/lauren-worth)*


Intrusion detection and prevention systems (IDPS) are used to inform IT administrators and security staff of anomalies and attacks on IT infrastructure and applications. These tools detect malware, socially engineered attacks, and other web-based threats. IDPS also provide preemptive intrusion prevention capabilities for internal threats and potentially compromised systems.

Intrusion detection and prevention systems monitor systems for abnormal behavior and potential vulnerabilities that can leave a business susceptible to cyberattacks. Companies choose to adopt these to protect their sensitive business information and ensure their computing infrastructure performs as needed.

Some next-generation [firewall software](https://www.g2.com/categories/firewall) offer intrusion detection and prevention capabilities. But the main functionality of firewall tools will be controlling network access, rather than monitoring network behavior.

To qualify for inclusion in the Intrusion Detection and Prevention Systems (IDPS) category, a product must:

- Monitor IT systems for abnormal behavior and misuse
- Inform administrators of abnormal protocol activity
- Monitor the performance of IT hardware and security components
- Provide blocking mechanisms for web-based threats






## G2 Grid® for Intrusion Detection and Prevention Systems (IDPS)
![G2 Grid® for Intrusion Detection and Prevention Systems (IDPS) plotting products by satisfaction and market presence](https://www.g2.com/categories/intrusion-detection-and-prevention-systems-idps/grids.png?focus%5B%5D=1066&focus%5B%5D=88784&focus%5B%5D=71392&focus%5B%5D=1386549&focus%5B%5D=58203&focus%5B%5D=155622&focus%5B%5D=88524&focus%5B%5D=55529)
Highlighted products: Palo Alto Networks Next-Generation Firewalls, Palo Alto Networks VM-Series Virtual Firewall, Check Point Quantum Intrusion Prevention System (IPS), Cloud-Delivered Security Services, Check Point Infinity Platform, threatER, FortiGate IPS, and TrendAI Vision One - Cloud Security.
Underlying data: [Grid® JSON](https://www.g2.com/categories/intrusion-detection-and-prevention-systems-idps/grids.json?focus%5B%5D=palo-alto-networks-next-generation-firewalls&amp;focus%5B%5D=palo-alto-networks-vm-series-virtual-firewall&amp;focus%5B%5D=check-point-quantum-intrusion-prevention-system-ips&amp;focus%5B%5D=cloud-delivered-security-services&amp;focus%5B%5D=check-point-infinity-platform&amp;focus%5B%5D=threater&amp;focus%5B%5D=fortigate-ips&amp;focus%5B%5D=trendai-vision-one-cloud-security)


## How Many Intrusion Detection and Prevention Systems (IDPS) Products Does G2 Track?
**Total Products under this Category:** 63

### Category Stats (Jul 2026)
- **Average Rating**: 4.4/5 The average rating of products in this category, based on all submitted ratings
- **Top Trending Product**: Darktrace / NETWORK (+0.29%) - Among all products in this category, Darktrace / NETWORK recorded the largest rating increase compared to last month
*Last updated: July 10, 2026*


## How Does G2 Rank Intrusion Detection and Prevention Systems (IDPS) Products?

**Why You Can Trust G2's Software Rankings:**

- 30 Analysts and Data Experts
- 1,700+ Authentic Reviews
- 63+ Products
- Unbiased Rankings

G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category.


## Which Intrusion Detection and Prevention Systems (IDPS) Is Best for Your Use Case?

- **Leader:** [Palo Alto Networks Next-Generation Firewalls](https://www.g2.com/products/palo-alto-networks-next-generation-firewalls/reviews)
- **Highest Performer:** [threatER](https://www.g2.com/products/threater/reviews)
- **Easiest to Use:** [threatER](https://www.g2.com/products/threater/reviews)
- **Top Trending:** [Palo Alto Networks VM-Series Virtual Firewall](https://www.g2.com/products/palo-alto-networks-vm-series-virtual-firewall/reviews)
- **Best Free Software:** [CrowdSec](https://www.g2.com/products/crowdsec/reviews)


---

**Sponsored**

### ManageEngine ADAudit Plus

ADAudit Plus is a UBA-driven auditor that helps keep your AD, Azure AD, file systems (including Windows, NetApp, EMC, Synology, Hitachi, and Huawei), Windows servers, and workstations secure and compliant. ADAudit Plus transforms raw and noisy event log data into real-time reports and alerts, enabling you to get full visibility into activities happening across your Windows Server ecosystem in just a few clicks. More than 10,000 organizations across the world trust ADAudit Plus to: 1. Instantly notify them about changes in their Windows Server environments. 2. Continuously track Windows user logon activity. 3. Monitor the active and idle time spent by employees at their workstations. 4. Detect and troubleshoot AD account lockouts. 5. Provide a consolidated audit trail of privileged user activities across their domains. 6. Track changes and sign-ins in Azure AD. 7. Audit file accesses across Windows, NetApp, EMC, Synology, Hitachi, and Huawei file systems. 8. Monitor file integrity across local files residing on Windows systems. 9. Mitigate insider threats by leveraging UBA and response automation. 10. Generate audit-ready compliance reports for SOX, the GDPR, and other IT mandates.



[Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&amp;secure%5Bad_slot%5D=category_product_list&amp;secure%5Bcategory_id%5D=1663&amp;secure%5Bchosen_at%5D=2026-07-10T22%3A01%3A35Z&amp;secure%5Bdisplayable_resource_id%5D=2380&amp;secure%5Bdisplayable_resource_type%5D=Category&amp;secure%5Bmedium%5D=sponsored&amp;secure%5Bplacement_reason%5D=neighbor_category&amp;secure%5Bplacement_resource_ids%5D%5B%5D=2380&amp;secure%5Bprioritized%5D=false&amp;secure%5Bproduct_id%5D=5691&amp;secure%5Bresource_id%5D=1663&amp;secure%5Bresource_type%5D=Category&amp;secure%5Bsource_type%5D=category_page&amp;secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fintrusion-detection-and-prevention-systems-idps&amp;secure%5Btoken%5D=601c62bded64ea945150109f7685defa6290c94a33405368f77ba616149b9afc&amp;secure%5Burl%5D=https%3A%2F%2Fwww.manageengine.com%2Fproducts%2Factive-directory-audit%2F%3Futm_source%3DG2%26utm_medium%3Dtpac%26utm_campaign%3DADAP-network-detection-response&amp;secure%5Burl_type%5D=custom_url)

---

## What Are the Top-Rated Intrusion Detection and Prevention Systems (IDPS) Products in 2026?
### 1. [eScan Enterprise EDR (with Neural Intelligence AI/ML Defense)](https://www.g2.com/products/escan-enterprise-edr-with-neural-intelligence-ai-ml-defense/reviews)
Your network security is as strong as your least secure endpoint. Even a single endpoint left unsecured will increase your network’s vulnerability. To strengthen your network security, you need to secure each and every endpoint. And only via this way, you can reduce cyberattack risks. A cybercriminal uses following ways to conduct a cyberattack: Launch scripts and executables that download malicious payload or run other malicious programs Run malignant scripts without user’s knowledge in the background Make a program violate its rights and escalate permissions for suspicious activities If unruly behavior is observed across genuine programs, they are assumed malicious as they can get manipulated by malware. In such situations, Boundary Protection Rules can contain all the threats and strengthen your network’s safety. You can use the Safety Check/Audit Mode to analyse how the Boundary Protection Rules (surface attack detection) can improve your network security, if enabled. To ensure your network isn’t jeopardized, always audit events generated by Boundary Protection Rules. This way you can understand how all of your applications are getting affected. Not all genuine applications are developed with maximum security concerns and may appear as if they are executing the same behaviour as malware. By observing the Safety Check Report, you can add security exclusions for genuine applications and apply Boundary Protection Rules to your network, without slowing down endpoint performance. Whenever a boundary protection rule is violated, an alert will be sent to the administrator. You can configure the Alert Settings for multiple recipients, as per your requirements. To ensure maximum protection, you need to deploy a full eScan Enterprise EDR license, which lets you use full capabilities of EDR including Monitoring, Statistics, and workflows available in the eScan Enterprise EDR. The eScan dashboard will display complete EDR activity across your network. You can also download and export the EDR reports to observe actions taken by Boundary Protection Rules.



**Who Is the Company Behind eScan Enterprise EDR (with Neural Intelligence AI/ML Defense)?**

- **Seller:** [MicroWorld Technologies](https://www.g2.com/sellers/microworld-technologies)
- **Year Founded:** 1993
- **HQ Location:** Mumbai, Maharashtra
- **Twitter:** @eScanAV (51 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/microworld-technologies-inc (192 employees on LinkedIn®)






### 2. [Exit Point Manager for IBM i](https://www.g2.com/products/exit-point-manager-for-ibm-i/reviews)
A Key Part of Fortra (the new face of HelpSystems) Powertech is proud to be part of Fortra’s comprehensive cybersecurity portfolio. Fortra simplifies today’s complex cybersecurity landscape by bringing complementary products together to solve problems in innovative ways. These integrated, scalable solutions address the fast-changing challenges you face in safeguarding your organization. With the help of the powerful protection from Exit Point Manager for IBMI i and others, Fortra is your relentless ally, here for you every step of the way throughout your cybersecurity journey.



**Who Is the Company Behind Exit Point Manager for IBM i?**

- **Seller:** [Fortra](https://www.g2.com/sellers/fortra)
- **Year Founded:** 1982
- **HQ Location:** Eden Prairie, Minnesota
- **Twitter:** @fortraofficial (2,773 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/fortra (1,755 employees on LinkedIn®)






### 3. [Fortinet IPS Rules for AWS Network Firewall](https://www.g2.com/products/fortinet-ips-rules-for-aws-network-firewall/reviews)
Fortinet Managed IPS Rules for AWS Network Firewall, powered by FortiGuard AI-Powered Security Services, provides AWS customers with advanced, continuously updated intrusion prevention capabilities without requiring additional infrastructure or management overhead. This managed rule service extends Fortinet’s industry-leading threat intelligence and protection directly into AWS Network Firewall environments, helping organizations automatically block exploits, malware, and command-and-control activity at scale. Available on AWS Marketplace. For more information, visit https://vm.fortigate.com/aws/ips-rules.



**Who Is the Company Behind Fortinet IPS Rules for AWS Network Firewall?**

- **Seller:** [Fortinet](https://www.g2.com/sellers/fortinet)
- **Year Founded:** 2000
- **HQ Location:** Sunnyvale, CA
- **Twitter:** @Fortinet (151,422 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/6460/ (16,279 employees on LinkedIn®)
- **Ownership:** NASDAQ: FTNT






### 4. [NSFocus NGIPS](https://www.g2.com/products/nsfocus-ngips/reviews)
The NSFOCUS Next Generation Intrusion Prevention System (NGIPS) provides advanced multi-stage AI analysis for detection and mitigation of tomorrow and beyond unknown and zero-day advanced persistent threats (APTs).



**Who Is the Company Behind NSFocus NGIPS?**

- **Seller:** [NSFOCUS](https://www.g2.com/sellers/nsfocus)
- **Year Founded:** 2000
- **HQ Location:** Santa Clara, US
- **Twitter:** @NSFOCUS_Intl (1,131 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/nsfocus (505 employees on LinkedIn®)






### 5. [Orbit Intrustion Detection System](https://www.g2.com/products/orbit-intrustion-detection-system/reviews)
Orbit™ Intrusion Detection is a hardened Intrusion Detection System - that will assist you in seeing what traffic is going on inside or outside your network



**Who Is the Company Behind Orbit Intrustion Detection System?**

- **Seller:** [Central Service Association](https://www.g2.com/sellers/central-service-association)
- **Year Founded:** 1937
- **HQ Location:** Tupelo, US
- **LinkedIn® Page:** https://www.linkedin.com/company/central-service-association (122 employees on LinkedIn®)






### 6. [Powertech Exit Point Manager for IBM i](https://www.g2.com/products/powertech-exit-point-manager-for-ibm-i/reviews)
Meet HelpSysA Key Part of Fortra (the new face of HelpSystems) Powertech is proud to be part of Fortra’s comprehensive cybersecurity portfolio. Fortra simplifies today’s complex cybersecurity landscape by bringing complementary products together to solve problems in innovative ways. These integrated, scalable solutions address the fast-changing challenges you face in safeguarding your organization. With the help of the powerful protection from Powertech Exit Point Manager for IBM i and others, Fortra is your relentless ally, here for you every step of the way throughout your cybersecurity journey.



**Who Is the Company Behind Powertech Exit Point Manager for IBM i?**

- **Seller:** [Fortra](https://www.g2.com/sellers/fortra)
- **Year Founded:** 1982
- **HQ Location:** Eden Prairie, Minnesota
- **Twitter:** @fortraofficial (2,773 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/fortra (1,755 employees on LinkedIn®)

**Who Uses This Product?**
- **Company Size:** 100% Enterprise





### 7. [RazorSecure](https://www.g2.com/products/razorsecure/reviews)
Cyber security software for remote assets and small scale networks. RazorSecure Active Protection System provides continuous threat monitoring and active defence strategy for trains, buses, planes, trucks and cars.



**Who Is the Company Behind RazorSecure?**

- **Seller:** [RazorSecure](https://www.g2.com/sellers/razorsecure)
- **Year Founded:** 2014
- **HQ Location:** Basingstoke, GB
- **LinkedIn® Page:** https://www.linkedin.com/company/15090529 (25 employees on LinkedIn®)






### 8. [Sandfly Security](https://www.g2.com/products/sandfly-security/reviews)
Sandfly Security offers an agentless Linux Endpoint Detection and Response (EDR platform designed to provide comprehensive protection across a wide range of Linux systems, from modern cloud deployments to legacy and embedded devices. By eliminating the need for endpoint agents, Sandfly ensures minimal performance impact and enhanced system stability. Its features include advanced threat detection, SSH key and password monitoring, drift detection, and seamless integration with existing security infrastructures. Sandfly&#39;s solution addresses the challenges of securing diverse Linux environments by offering instant deployment, broad compatibility, and proactive threat hunting capabilities. Key Features and Functionality: - Agentless Deployment: Provides security without installing agents on endpoints, ensuring system performance and stability. - Advanced Threat Detection: Targets attack tactics rather than relying solely on signature-based methods. - SSH Key and Password Monitoring: Tracks SSH credentials and audits for weak passwords to prevent unauthorized access. - Drift Detection: Alerts users to unauthorized changes on any Linux system, enhancing security posture. - Seamless Integration: Integrates with existing security stacks, including SIEMs, SOARs, and ticketing systems. Primary Value and Problem Solved: Sandfly Security addresses the critical need for effective Linux system protection without the drawbacks of traditional agent-based solutions. By offering an agentless approach, it ensures compatibility across various Linux distributions and architectures, minimizes performance impacts, and simplifies deployment. This solution empowers organizations to detect and respond to threats swiftly, safeguarding critical infrastructure and sensitive data.



**Who Is the Company Behind Sandfly Security?**

- **Seller:** [Sandfly Security](https://www.g2.com/sellers/sandfly-security)
- **Year Founded:** 2017
- **HQ Location:** Christchurch, NZ
- **LinkedIn® Page:** https://nz.linkedin.com/company/sandfly (14 employees on LinkedIn®)






### 9. [SNOK](https://www.g2.com/products/snok/reviews)
Industrial cybersecurity. Secure-NOK provides innovative solutions to solve Industrial Cybersecurity needs.



**Who Is the Company Behind SNOK?**

- **Seller:** [SecureNok](https://www.g2.com/sellers/securenok)
- **Year Founded:** 2010
- **HQ Location:** Sandnes, NO
- **Twitter:** @securenok (71 Twitter followers)
- **LinkedIn® Page:** http://www.linkedin.com/company/securenok-ltd- (17 employees on LinkedIn®)






### 10. [suricata](https://www.g2.com/products/suricata/reviews)
Suricata is a free and open source, mature, fast and robust network threat detection engine.



**Who Is the Company Behind suricata?**

- **Seller:** [suricata](https://www.g2.com/sellers/suricata)
- **HQ Location:** N/A
- **LinkedIn® Page:** https://www.linkedin.com/company/No-Linkedin-Presence-Added-Intentionally-By-DataOps (1 employees on LinkedIn®)






### 11. [Syspeace](https://www.g2.com/products/syspeace/reviews)
Syspeace is an intrusion detection and prevention system against brute force attacks on Microsoft Windows Servers. Syspeace is an intrusion protection software which most can afford regardless of business size, as well as easy to use regardless of computer experience. Syspeace is made for you, with the safety of every type of business in mind.



**Who Is the Company Behind Syspeace?**

- **Seller:** [Syspeace](https://www.g2.com/sellers/syspeace)
- **Year Founded:** 2012
- **HQ Location:** Stockholm, SE
- **Twitter:** @syspeace (229 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/syspeace/?originalSubdomain=se (1 employees on LinkedIn®)






### 12. [Venusense Intrusion Prevention and Management System (IPS)](https://www.g2.com/products/venusense-intrusion-prevention-and-management-system-ips/reviews)
Venusense intrusion prevention system (IPS) can recognize and block attacks and viruses, such as the Web attack, worm, spy software, Trojan, overflow attack, database attack, advanced threat attack, and brute-force, which make up the deficiencies of deep prevention at the network layer.



**Who Is the Company Behind Venusense Intrusion Prevention and Management System (IPS)?**

- **Seller:** [Venustech](https://www.g2.com/sellers/venustech)
- **Year Founded:** 1996
- **HQ Location:** N/A
- **LinkedIn® Page:** https://www.linkedin.com/company/2282290 (447 employees on LinkedIn®)






### 13. [Zscaler Zero Trust Firewall](https://www.g2.com/products/zscaler-zero-trust-firewall/reviews)
Zscaler Zero Trust Firewall is a cloud-delivered security solution that extends firewall protection to all users, devices, and locations by implementing Zero Trust principles. Unlike traditional firewalls, this solution does not rely on physical appliances or network boundaries—instead, it integrates into the Zscaler Zero Trust Exchange, providing advanced, identity-based traffic filtering and protection for modern cloud and hybrid environments. This globally distributed firewall provides comprehensive Layer 7 inspection, enabling granular control, deep visibility, and real-time threat prevention across all internet and application traffic. By enforcing dynamic policies based on user identity, device posture, location, and context, Zscaler Zero Trust Firewall secures connections while eliminating risks like lateral movement and network exposure. Key Features and Benefits: • Cloud-Delivered Scalability: Provides enterprise-grade firewall protection without the limitations of legacy appliance-based firewalls. • Zero Trust Architecture: Enforces strict user and application segmentation to minimize the attack surface. • Layer 7 Inspection: Offers deep packet inspection to identify and block malicious application and internet traffic. • Integrated Threat Prevention: Leverages advanced security tools like intrusion detection/prevention (IDPS) and sandboxing to block sophisticated threats. • Dynamic Policies: Adapts access permissions and filtering rules based on identity, device posture, and real-time risk assessment. • Simplified Management: Reduces complexity with centralized cloud-based policy enforcement across global deployments. Designed for modern enterprises embracing digital transformation, Zscaler Zero Trust Firewall delivers robust, scalable security that protects users and applications seamlessly, wherever work happens. This solution is trusted by organizations worldwide to ensure safe connectivity while aligning with Zero Trust security strategies.&quot;



**Who Is the Company Behind Zscaler Zero Trust Firewall?**

- **Seller:** [Zscaler](https://www.g2.com/sellers/zscaler)
- **Year Founded:** 2008
- **HQ Location:** San Jose, California
- **Twitter:** @zscaler (17,676 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/234625/ (8,830 employees on LinkedIn®)
- **Ownership:** NASDAQ:ZS







## What Is Intrusion Detection and Prevention Systems (IDPS)?

[Network Security Software](https://www.g2.com/categories/network-security)

## What Software Categories Are Similar to Intrusion Detection and Prevention Systems (IDPS)?

- [Firewall Software](https://www.g2.com/categories/firewall-software)
- [Network Traffic Analysis (NTA) Software](https://www.g2.com/categories/network-traffic-analysis-nta)
- [Network Detection and Response (NDR) Software](https://www.g2.com/categories/network-detection-and-response-ndr)



