Prevention vendors try to shed bad rap

Featured eBooks
Next-Generation Computing
Read Now

Space Tech

Read Now

Cyber Workforce

Read Now
Insights & Reports
Data Storage To Meet Every Need, All Powered By ONTAP
Presented By TD SYNNEX
Download Now
Strengthening Government Resilience: Securing the Future of the Federal Workforce
Presented By Cornerstone OnDemand
Download Now
By Brian Robinson

By Brian Robinson

|

Many companies that provide intrusion-prevention products try hard not to use the term when describing what those products do

Interestingly, many companies that provide intrusion-prevention products try hard not to use the term when describing what those products do, because many users have had bad experiences with traditional intrusion-detection systems and the seemingly intractable problems of false positives and huge logs that overwhelm administrators.

Those problems can be greatly reduced by keeping intrusion-detection systems properly configured, but the systems are notoriously finicky and require constant attention to keep them tuned. That, and the amount of time needed to analyze the huge activity logs, have caused resource-constrained

organizations to all but give up on the technology as a major element of security.

Intrusion prevention was initially seen as a natural progression from the largely passive detection and analysis function of intrusion-detection systems to a more proactive capability. However, many in the intrusion-prevention business actively seek to separate the two.

"The use of the [intrusion-prevention moniker] has definitely slowed the market," said John McHale, chairman and chief executive officer of TippingPoint Technologies Inc. "For us there's nothing remotely similar between the [prevention and detection] technologies."

NEXT STORY: About T-bills and the F fund