June 11, 2003 — (WEB HOST INDUSTRY REVIEW) — Intrusion detection systems have failed to provide value relative to their cost and will be obsolete by the year 2005, says research firm Gartner (gartner.com).
Gartner says that intrusion detection systems are a costly and ineffective investment that does not add an additional layer of security as promised by vendors. The company recommends that enterprises redirect their security expenditures to firewall vendors that offer both network-level and application-level firewall capabilities in an integrated product.
“Intrusion detection systems are a market failure, and vendors are now hyping intrusion prevention systems, which have also stalled,” said Richard Stiennon, research vice president for Gartner. “Functionality is moving into firewalls, which will perform deep packet inspection for content and malicious traffic blocking, as well as anti-virus activities.”
According to Gartner, some of the problems with intrusion detection systems are false positives and negatives, an increased IT burden created by full-time monitoring, a taxing incident-response process, and an inability to monitor traffic at transmission rates greater than 600 megabits per second.
“Firewalls are the most-effective defense against cyberintruders on the network, and they are becoming increasingly better at blocking network-based attacks,” said Stiennon. “To be considered as a challenger, visionary or leader, a vendor must have both network-level and application-level firewall capabilities in an integrated product. Vendors that have only one or the other will be niche players.”











