Gartner has created something of a flap with a string of reports saying intrusion-detection systems haven’t lived up to their promises and will be eclipsed by intrusion-prevention tools.The latest indictment was issued last month, a report called “Intrusion Detection is Dead – Long Live Intrusion Prevention,” by Richard Stiennon, vice president of research. Gartner has, in fact, been banging this drum for a while. Last August the company recommended delaying investments in IDSs until better options emerged.Network World also was urging caution at the time. In a test of eight IDS products in a production network we concluded: “All ask too much of their users in terms of time and expertise to be described as security must-haves.” (We have another test running now and will report the results in the fall.)But we didn’t go as far as to conclude that IDS doesn’t have a future, which is the Gartner theme that is gnawing at some security mavens. Gartner essentially is saying that, given the documented problems with detection systems, you’re better off spending your money on other tools such as advanced firewalls and application security. But some insiders don’t add it up the way Gartner does. Network World Test Alliance member Joel Snyder, a senior partner at Opus One in Tucson, agrees that intrusion prevention is a technology, not a product, and he also expects to see it show up in devices such as firewalls and switches (see his thoughts).But he and others argue that if IDS makers can overcome problems such as false positives, there will be room in a layered defense for IDS because its role is different from other security components. As one person in our forum on the topic pointed out, instead of sitting inline, IDS systems are out of band and watch the network for signs of attack or misuse. Even with all our other safeguards, some stuff always gets through, and IDS systems represent the final safety net. But Stiennon counters that there is no guarantee that IDS will pick up that activity. “You’re better off spending your money on other things, like application security. You don’t need to sniff packets.”IDS clearly still has to prove its worth, but we’ll reserve judgment until we get the readings from our current test. After all, the vendors have had a year to address the early criticisms. These test results might prove to be sink or swim for the IDS community. Related content news Fortinet brings AI help to enterprise security teams Fortinet Advisor aims to help customers respond to threats more quickly By Michael Cooney Dec 11, 2023 3 mins Network Security how-to Getting started with scripting on Linux, Part 1 Once a script is prepared and tested, you can get a significant task completed simply by typing the script's name followed by any required arguments. By Sandra Henry-Stocker Dec 11, 2023 5 mins Linux feature Starkey swaps out MPLS for managed SD-WAN Hearing aid manufacturer achieves performance boost, increased reliability and cost savings after a shift from MPLS to managed SD-WAN services from Aryaka. By Neal Weinberg Dec 11, 2023 6 mins SASE SD-WAN Network Security news Nvidia races to fulfill AI demand with its first Vietnam semiconductor hub Vietnam has been a growing tech manufacturing destination for the past few years, and Nvidia said it is open to a new manufacturing partner in Vietnam. By Sam Reynolds Dec 11, 2023 3 mins CPUs and Processors Technology Industry Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe