The death knell for intrusion detection is getting louder. Tired of doing full-time monitoring and fending off alerts that 99 times out of 100 mean nothing, enterprises have been ready to shove these expensive network-monitoring products off the proverbial cliff.

Research firm Gartner Inc. provided another nudge Wednesday when it declared IDS will be obsolete by 2005.

Instead, Gartner recommends that businesses invest their security dollars in firewalls that block attacks, rather than in products that alert administrators to them.

"The underlying problem with IDS is that enterprises are investing in technology to detect intrusions on a network. This implies they are doing something wrong and letting those attacks in," said Gartner vice president of research Richard Stiennon. "Enterprises investing money to alert them when the next SQL Slammer worm arrives is a waste of money."

According to Gartner's Information Security Hype Cycle, intrusion detection has failed to deliver value relative to its costs. Enterprises have been quick to decry IDS for the plethora of false positives it generates, for the voluminous amounts of log data administrators have to pore over and for its inability to monitor at speeds of more than 600 Mbps.

The link for this article located at SearchSecurity is no longer available.