IDS mailing list archives
Recent anti-NIDS Gartner article
From: Ron Gula <rgula () tenablesecurity com>
Date: Sat, 14 Jun 2003 23:04:17 -0400
Gartner has the basic point right, that NIDS are time-consuming and don't automatically stop attacks, but their facts and conclusions are all wrong. - Most large organizations dont even look at their firewall logs - if NIDS have failed us, then Gartner should have lumped in the ESM/SIM guys which are primarily NIDS correlation tools - the article will cause NIDS vendors to quickly rename their products as 'NIPS' or 'Defensive' systems which will confuse the less sophisticated buying public Bottom line: I think the article will have an acceleration on the demise of the CSO role and the idea of a separated 'security' staff. Firewalls used to be run by the security guys, now it is the network engineering folks. Virus was run by security as well until it went to IT. Now if the FW guys can do something close to IDS, why have an expensive group of security analysts around. Ron Gula, CTO Tenable Network Security -------------------------------------------------------------------------------Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the world's premier technical IT security event! 10 tracks, 15 training sessions, 1,800 delegates from 30 nations including all of the top experts, from CSO's to "underground" security specialists. See for yourself what the buzz is about! Early-bird registration ends July 3. This event will sell out. www.blackhat.com
-------------------------------------------------------------------------------
Current thread:
- Recent anti-NIDS Gartner article Ron Gula (Jun 17)
- RE: Recent anti-NIDS Gartner article Mike Blomgren (Jun 17)
- Re: Recent anti-NIDS Gartner article Stephen Samuel (Jun 18)
- Re: Recent anti-NIDS Gartner article nyec (Jun 17)
- Re: Recent anti-NIDS Gartner article Stephen P. Berry (Jun 18)
- <Possible follow-ups>
- RE: Recent anti-NIDS Gartner article Reverman, Peter C (Jun 17)
- RE: Recent anti-NIDS Gartner article - BruteForce Security Robert J. Mehler (Jun 17)
- Recent anti-NIDS Gartner article Srinivasa Rao Addepalli (Jun 18)
- RE: Recent anti-NIDS Gartner article Jim Butterworth (Jun 18)
- Re: Recent anti-NIDS Gartner article Michael Sierchio (Jun 18)
- RE: Recent anti-NIDS Gartner article - BruteForce Security Robert J. Mehler (Jun 17)
- Re: Recent anti-NIDS Gartner article Srinivasa Rao Addepalli (Jun 18)
(Thread continues...)
- RE: Recent anti-NIDS Gartner article Mike Blomgren (Jun 17)