Abstract: With the growth of network structure complexity and the diversity of network attack methods, traditional ifrewalls have been unable to prevent many types of network attack. According to NDIS interface standard, intrusion detection protection system based on intelligent self learning method(IDPS-ISM) is developed, which has the advantages of ifrewall and intrusion detection system(IDS) combined. In order to realize a self-adaptive ifrewall to block unpredictable attack behaviors, method of intelligent self learning is used to maintain the"blacklist"of IDPS-ISM. The actual facts show that IDPS-ISM is fast and stable, and promises great real-time response. Besides, the system also has warning mechanism to against crisis.