Jiri’s Notepad

“We think IDS is dead. It’s failed to provide enterprise value.” John Pescatore in an article on intrusion protection. This seems about right. Interestingly enough, although I remember hearing first about ‘intrusion protection’ some two years ago, I haven’t encountered anyone actually deploying it. Warning signs? Bells ringing ‘PKI’?

On the other hand, event correllation described in the related closely related article is one of the areas that IMHO do have some future. In a way similar to identity management, it is esentially helping do things, that were not done very well in the past, better, cheaper, faster and on larger scale.