Don't blame the IDS

Don't blame the IDS
Don Parker, 2007-11-09

Some years ago, I remember reading a press release from the Gartner Group. It was about intrusion detection systems (IDS) offering little return for the monetary investment in them and furthermore, that this very same security technology would be obsolete by the year 2005. A rather bold statement and an even bolder prediction on their part.

Expand all | Post comment

Don't blame the IDS 2007-11-10
Anonymous

Don't blame the IDS 2007-11-11
Param

Yes, let's blame the IDS 2007-11-12
assurbanipal (1 replies)

IDS are in practice often worthless because tuning them requires extraordinary efforts, and is rarely done properly, and partly as a consequence of this in many environments nobody seriously look at them! In my experience this is not the exception but the rule.
What is needed is a technology that could afford, with minimal tune up, reliable monitoring and alerting without all the crap that unfortunately plagues IDS/IPS outputs. And we're still very far from that.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/457/34790#34790

Re: Yes, let's blame the IDS 2007-11-13
Anonymous

Don't blame the IDS 2007-11-12
Gandalf

Don't blame the IDS 2007-11-12
Anonymous (1 replies)

Re: Don't blame the IDS 2007-11-13
Ryan Wegner

Don't blame the IDS 2007-11-13
Anonymous

Don't blame the IDS 2007-11-14
John Sloan (1 replies)

Re: Don't blame the IDS 2007-11-17
Ari Takanen (Codenomicon)

Don't blame the IDS 2007-11-19
Anonymous

NSM == IDS++ 2007-11-26
Hanashi