The peak of inflated expectations, the trough of disillusionment and the plateau of productivity
So a heated debate has been brewing between Richard Bejtlich at TaoSecurity and Thomas Ptacek of Matasano, and now Amrit Williams has put in his 2 cents or 21 pesos (with the current exchange rate, they are no longer the same). I don't flatter myself to think that I am as technically astute or as smart as these three fellows, but frankly I think they all miss the point somewhat. I do agree that IDS, and for that matter IPS, has not delivered the goods as advertised. However, I would point you all to Gartner's Hype Cycle (Amrit, I am sure you are familiar with it).
When technology first catches on, it goes into the so-called "peak of inflated expectations". I think NAC is in this stage right now. At this stage it seems the technology is the greatest thing since sliced bread. After reality sets in a bit, people are disappointed that the technology does not live up to its expectations. The problem is that the expectations are so hyped at the peak that the technology can never live up to them. It moves into the trough of disillusionment. At this point you see the kind of stuff Thomas writes about IDS. However, if the technology has any real value, eventually people learn what they can get out of it, and though the technology may not be the silver bullet, it takes its place at the table. At this point the technology passes into the plateau of productivity. I think IDS passed into this plateau some time ago. Yes, maybe to security rockstars IDS is just not enough, but to thousands and thousands of net admins and security admins out there, Snort, Strata Guard, and other IDS are delivering results that they value.
Also, I would point to another analyst firm that says the useful life of security technology is about 36 to 48 months. After this it does not die, though; it evolves or is subsumed into the next wave. I think this happened with IDS into IPS, and now we see this morphing into post-connect NAC.
So, has IDS lived up to expectations? No, but show me one technology that has. Is it totally bereft of any value? Not quite. A wise man once told me, if you don't expect anything from anyone, you will never be disappointed. The same thing applies to security technology. If you don't have inflated expectations, you will not be disappointed either.





