David Lacey's IT Security Blog

Mar 18 2008   9:25PM GMT

Network IPS is Dead – Long Live Application IPS

David Lacey

Tags: Monitoring, Technology

Back in 2003 Gartner announced that Intrusion Detection Systems were a costly failure and would be obsolete by 2005. They saw problems with false positives, false negatives, bandwidth limitations and the growing resources needed to carry out monitoring and incident response. Better to invest in firewalls, they said.

Yet five years later IDS is alive and well. And it’s Intrusion Prevention Systems that are failing to penetrate the market. False positives continue to be a problem for network-level systems. So nine out of ten security managers still prefer to monitor rather than block. It might be resource-consuming but the risk of blocking an important business transaction is too great for most companies.

But the future is brighter. Security is always more intelligent and effective when applied at the application and data level. New products such as the impressive intelligent database activity monitoring technology from Secerno are much more reliable. In fact Paul Davie, Secerno founder and COO, tells me that their clients have never experienced a single false positive or false negative. It’s because of the more precise nature of their algorithms.

So the future is blocking, not monitoring. And the smart approach is to focus your security efforts at the application level, not the infrastructure level.
