IPS market to grow on back of worry over APT attacks
But new technology critical to overcome limitations
The market for Intrusion Prevention Systems (IPS) will continue to grow on the back of more advanced designs and rising anxiety about the threat posed by advanced persistent threats (APTs), Frost & Sullivan has said.
The analyst’s projections have the market’s annual revenue rising from $1.21 billion (£800 million) in 2012 to around $2.44 billion by 2017, a health rise in a security market in which the systems have been put under pressure by alternatives such as improved firewalls and UTMs.
Frost & Sullivan’s main explanation is a sudden interest in securing specific applications as a way of at least detecting more complex threats rather than stopping conventional malware.
Related Articles on Techworld
Vendors had also invested in ‘next generation’ IPS capabilities – known as 'NGIPS' - helping to reinforce their role as packet enforcers.
“NGIPS solutions are gaining acceptance owing to their ability to inspect traffic based on detailed contextual data such as application type and user identity, as well detecting malware for which there are no signatures or other detection methods available,” said Frost & Sullivan’s network security analyst, Chris Rodriguez.
“Optionally, many IPS products can provide basic web application firewall capabilities, data loss prevention, botnet detection, or distributed denial-of-service prevention services.”
Frost and Sullivan doesn’t say it but IPS has its detractors so the NGIPS story could be key.
A recent test of a clutch of current IPS systems by the University of Glamorgan found problems in the detection ability of some when pitted against simulated advanced evasion techniques (AETs), one form of attack used in generic APTs.
Specifically, they struggled to cope with AETs that work at the application layer.
But an update of the IPS to take account of this could still give enterprises an important degree of visibility into what is happening on their networks that was impossible with other, blocking-based technologies.
“Creating awareness on the benefits of next-generation solutions, which can fulfill customers’ security, networking, and compliance requirements, will be crucial to accelerate uptake,” said Rodriguez.
“Vendors must also build solutions that support network throughput speeds, and develop comprehensive strategies that will secure virtualization and cloud computing environments.”