Intrusion detection should be a function, not a product
Intrusion detection's permanent placement in the Trough of Disillusionment of the Gartner Hype Cycle for Information Security does not mean that it is obsolete. Intrusion detection should be incorporated into other products instead of being implemented as a stand-alone product.
In a recent report, "Hype Cycle for Information Security, 2003," Gartner stated that "intrusion detection systems are a market failure. Vendors are now hyping intrusion prevention systems, which also have stalled. The functionality is moving into firewalls, which will perform deep packet inspection for content and malicious traffic blocking, as well as antivirus activities."
[ Read more ]
- Review: Intrusion Detection with SNORT: Advanced IDS Techniques Using SNORT, Apache, MySQL, PHP, and ACID (19 June 2003)
- Review: Network Intrusion Detection 3/e (24 January 2003)
- Article: Securing Linux (16 May 2002)
- Article: Tips on basic Linux server security (14 May 2002)