Vendor Landscape Plus: Intrusion Detection and Prevention Systems
Bad guys will get in; make sure they don't get far with an enterprise network alarm.
Last Revised: April 12, 2011
RETIRED CONTENT: Please note that the content on this page is retired. This content is not maintained and may contain information or links that are out of date.
- Enterprises cannot simply rely on a strong front door to keep the bad guys out of the enterprise network; firewalls are necessary, but an Intrusion Detection and Prevention System (IDPS) is important to detect them once they get in.
- Implementing an IDPS requires enterprises to choose between dedicated or consolidated solutions, in-house versus outsourced management, and perimeter or internal deployment, not to mention which tool is right. These decisions can radically impact overall security.
- Getting the strategy, architecture, and product selection right means enhanced enterprise security at a manageable cost; picking wrong could mean higher cost, lower security, or both.
- Intrusion Detection was declared dead in 2004. The proclamation was early then, but technology doesn’t stand still, and Intrusion Prevention has now fully replaced that older technology, though in most cases solutions can still be deployed in detection-only modes.
- Today’s IDPS are more capable than ever before, offering multiple scanning paradigms including signature, behavior, reputation and even application and protocol specific scanning methods.
- Strategy determination and product selection can be trivial concerns when compared with the complexity of implementing and operating an IDPS; a methodical and careful deployment ensures that enterprises improve security without undermining business opportunities.
Impact and Result
- Measuring Return on Security Investment (ROSI) can be tricky since it is difficult to determine if not being compromised can be attributed to good tools, or poor intrusion attempts. Nonetheless, 86% of enterprises are adopting IDPS to improve their security stance.
- Prices and feature sets for IDP Systems vary wildly; on a price per Gigabit of throughput basis, the least expensive solutions cost half as much as the most expensive, yet offer no less feature-functionality. Wise purchasing decisions can save the enterprise tens of thousands of dollars.
- If improperly implemented and optimized, the operational costs of an IDPS can far outstrip the capital expenditure. Getting the monitoring, responding, and alerting parameters right is essential to efficient operations.
Get to Action
Best Practices Toolkit
Get a crash course on IDP Systems
Understand IDPS strategy, solutions, and operational best practices.
Determine if IDP is a fit for the enterprise
Build an enterprise IDP strategy.
Calculate the TCO of an IDPS
Determine capital and operating costs, and understand the various licensing and management options.
Review IDP System solutions
Build a shortlist of best-fit IDPS tools for the enterprise.
Issue an RFP
Solicit responses from shortlisted vendors to find optimal enterprise fit.
Evaluate RFP responses
Keep vendors honest, and select the best IDPS for enterprise needs.
Talk to an Analyst
Each of our solution sets includes information, tools and templates to help you complete a project on your own. However, if you want extra help, our silver and gold memberships include phone access to our analysts. Analyst calls are focused on helping our members use the research we produce, and our experts will guide you to successful project completion.
- Book an Analyst Call on this topic. You can start as early as tomorrow morning. Our analysts will explain the process in your first call.
- Get advice from a subject matter expert. Each call will focus on explaining the material and helping you to plan your project, interpret and analyze the results of each project step, and set the direction for your next project step.