Prevention vendors try to shed bad rap

Interestingly, many companies that provide intrusion-prevention products try hard not to use the term when describing what those products do, because many users have had bad experiences with traditional intrusion-detection systems and the seemingly intractable problems of false positives and huge logs that overwhelm administrators.

Those problems can be greatly reduced by keeping intrusion-detection systems properly configured, but the systems are notoriously finicky and require constant attention to keep them tuned. That, and the amount of time needed to analyze the huge activity logs, have caused resource-constrained

organizations to all but give up on the technology as a major element of security.

Intrusion prevention was initially seen as a natural progression from the largely passive detection and analysis function of intrusion-detection systems to a more proactive capability. However, many in the intrusion-prevention business actively seek to separate the two.

"The use of the [intrusion-prevention moniker] has definitely slowed the market," said John McHale, chairman and chief executive officer of TippingPoint Technologies Inc. "For us there's nothing remotely similar between the [prevention and detection] technologies."

About the Author

Brian Robinson is a freelance writer based in Portland, Ore.


  • Acquisition
    network monitoring (nmedia/

    How companies should prep for CMMC

    Defense contractors should be getting ready for the Defense Department's impending cybersecurity standard expected to be released this month.

  • Workforce
    Volcanic Tablelands Calif BLM Bishop Field Office employee. April 28, 2010

    BLM begins move out of Washington

    The decision to relocate staff could disrupt key relationships with Congress and OMB and set the stage for a dismantling of the agency, say former employees.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.