Don't blame the IDS

Don't blame the IDS
Don Parker, 2007-11-09

Some years ago, I remember reading a press release from the Gartner Group. It was about intrusion detection systems (IDS) offering little return for the monetary investment in them and furthermore, that this very same security technology would be obsolete by the year 2005. A rather bold statement and an even bolder prediction on their part.

Expand all | Post comment

Don't blame the IDS 2007-11-10
Anonymous

Don't blame the IDS 2007-11-11
Param

Yes, let's blame the IDS 2007-11-12
assurbanipal (1 replies)

Re: Yes, let's blame the IDS 2007-11-13
Anonymous

Don't blame the IDS 2007-11-12
Gandalf

Don't blame the IDS 2007-11-12
Anonymous (1 replies)

Re: Don't blame the IDS 2007-11-13
Ryan Wegner

A good IDS like Snort already provides capabilities for anomaly detection. It's just an extension of the current technology really, and it's been in the works for years. It just takes a lot of work and skill on the IDS administrator's part to pull it off. Not just downloading the latest rules and pushing them out to your sensors.

So you rebrand your IDS an ADS (anomaly detection system), hire yourself a savy programmer to code up some Snort plugin's and away you go.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/457/34795#34795

Don't blame the IDS 2007-11-13
Anonymous

Don't blame the IDS 2007-11-14
John Sloan (1 replies)

Re: Don't blame the IDS 2007-11-17
Ari Takanen (Codenomicon)

Don't blame the IDS 2007-11-19
Anonymous

NSM == IDS++ 2007-11-26
Hanashi

Don't blame the IDS 2009-08-14
Anonymous