Intrusion detection 'a waste of space'

Intrusion detection systems (IDS) are a waste of money and "will be obsolete by 2005", industry analysts have predicted.

According to Information Security Hype Cycle, the latest research from Gartner, IDS technology does not add the additional layer of security promised by vendors. In many cases it has even proven to be a costly and ineffective investment, the firm said.

Gartner recommends that enterprises redirect the money they would have spent on IDS towards defence applications such as those offered by firewall vendors, which offer both network-level and application-level firewall capabilities in an integrated product.

"Intrusion detection systems are a market failure and vendors are now hyping intrusion prevention systems, which have also stalled," said Richard Stiennon, research vice president for Gartner.

"Functionality is moving into firewalls, which will perform deep packet inspection for content and malicious traffic blocking, as well as antivirus activities."

According to the Gartner report, the main IDS-associated problems are false positives and negatives, an increased burden on the IT organisation by requiring full-time monitoring, and an inability to monitor traffic at transmission rates greater than 600Mbps.

"Firewalls are the most effective defence against cyber-intruders on the network, and they are becoming increasingly better at blocking network-based attacks," said Stiennon.

"To be considered as a challenger, visionary or leader, a vendor must have both network-level and application-level firewall capabilities in an integrated product. Vendors that have only one or the other will be niche players."

Gartner's view opposes that of Infonetics Research, which last week predicted a boom in IDS sales over the next three years.