IDS mailing list archives
Re: Is IDS/IPS worthless?
From: Mike Lyman <mlyman-security () comcast net>
Date: Fri, 20 Feb 2004 18:05:05 -0600
On Fri, 2004-02-20 at 10:31, Andrew Plato wrote:
So this speaker then challenged me to come up with verifiable metrics. I replied that he would have to define what metrics he wants? What does he consider a "viable metric" for performance. He said "did they sell more products, make more money?" I replied "why is that the only metric that
Standard security ROI question when security doesn't have an ROI unless you're selling security. Do locks on the doors help you sell more product (unless you sell locks) or sprinkler heads in the ceilings help you make more money?
What is happening here? Anybody have any idea why there is a growing "anti-IDS" attitude. Is it the failure of IDS to produce value in an
I think most people approach IDS/IPS to stop hacking and to stop virus and worms and they just can't do that job 100%. You can throw all the resources you want at IDS and it still won't be able to prevent all security breaches. From that point of view, it's a bottomless pit. You can put in as many sensors as you want and put as many people watching the data as you want and you still won't stop everything. There are realistic approaches and values for IDS/IPS to be had for a reasonable investment. Unfortunately they are not marketed that way or priced that way. (well for the most part they aren't priced that way) I think too many have fallen for the marketing and reality has long since set in. That may bring some reality to the marketing and the pricing. -- Mike Lyman <mlyman-security () comcast net> --------------------------------------------------------------------------- Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection Protect your network with the comprehensive security solution that integrates six applications for ease of use and lower TCO. Firewall - Virus protection - Spam protection - URL blocking - VPN - Wireless security. Download 30-day evaluation at: http://www.securityfocus.com/sponsor/Astaro_focus-ids_040219 ---------------------------------------------------------------------------
Current thread:
- Is IDS/IPS worthless? Andrew Plato (Feb 20)
- Re: Is IDS/IPS worthless? Mike Lyman (Feb 23)
- RE: Is IDS/IPS worthless? Fergus Brooks (Feb 23)
- Re: Is IDS/IPS worthless? Stefano Zanero (Feb 26)
- Re: Is IDS/IPS worthless? Josh Tolley (Feb 23)
- Re: Is IDS/IPS worthless? Konrad Rieck (Feb 23)
- RE: Is IDS/IPS worthless? Brian Taylor (Feb 23)
- RE: Is IDS/IPS worthless? Fergus Brooks (Feb 23)
- RE: Is IDS/IPS worthless? Duston Sickler (Feb 24)
- RE: Is IDS/IPS worthless? Fergus Brooks (Feb 23)
- RE: Is IDS/IPS worthless? Omar Herrera (Feb 23)
- Re: Is IDS/IPS worthless? Michael Stone (Feb 23)
- Re: Is IDS/IPS worthless? Andy Cuff (Feb 23)
(Thread continues...)
- Re: Is IDS/IPS worthless? Mike Lyman (Feb 23)