Javier Romero <[EMAIL PROTECTED]> asks:
>Does everybody know What is the future of :
>- -RealSecure
>- -Cisco�s IDS (NetRanger)
>- -NFR
Wow! I love an open-ended question like that! :)
While it'd amuse me endlessly to predict the future for RealSecure
and NetRanger, I'll restrict myself to parts of the future I control,
and some generic predictions.
Generic predictions for IDS:
- The host IDS versus network IDS distinction will go away.
Everyone who understands even the basic issues of doing
intrusion detection will tell you that neither, by itself,
is a perfect solution - it takes both working hand-in-hand.
- Visualization will be big - everyone will be working to
figure out how to present and make sense of the huge
amounts of information that an IDS can produce.
- Research in anomaly detection will continue. Perhaps
we'll see some great leaps forward in that area in the
not-too-distant future. If we _don't_ I predict that
we'll see even more work being done in the visualization
tools I describe above: if we can't write computer programs
to identify and understand weird stuff, then the trick will
be writing computer programs that facilitate the human
eye's magnificent ability to identify weird stuff and the
brain's mediocre ability to understand it.
- Lots of money will be spent on intrusion detection. With
President Clinton talking so much about the need for it, it's
pretty much a sure thing that intrusion detection is going to
be a very busy area.
- Lots of little startups will pop up, that will be working
on intrusion detection. Some of them will survive. The established
players (NFR, ISS, Cisco) will remain. Some of the new players
will get bought out. Change will happen. Prices will go up, then
back down.
NFR:
- Expect to see a _lot_ of NFR intrusion detection appliances.
- Expect to see a major update release to our BackOfficer
Friendly host intrusion detection software.
- Expect to see 3 other products from NFR that also fit into
our client/server distributed architecture. These will bring
capabilities that are (we believe) unique and superior to
what the competition can offer.
- Expect to see NFR get a lot bigger real fast. This is
already happening, in fact. We already have more people
focussed 100% on intrusion detection (that's all we do,
unlike the other guys who sell a mishmosh of stuff that
doesn't work together. that's why we're the best at it)
than the competition. Their development efforts are mostly
focussed on selling routers, scanners, and other stuff.
- Expect to see a lot more advertisements, public relations,
and marketing from NFR. We've known for a while that it's
not sufficient to be the best. When you're up against a load
of hype you need to counter it with solid information. We'll
be doing a lot of that.
- Expect to see some interesting partnerships being
announced that will give us capabilities nobody else can
approach. Keep an eye on the newswire services in the next
couple months. ;)
Hope this helps! My view from 20,000 feet (literally! over Boston
as I type this...)
mjr.
--
Marcus J. Ranum
Chief Technology Officer, Network Flight Recorder, Inc.
work - http://www.nfr.net
home - http://www.clark.net/pub/mjr
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
