IPS market to grow on back of worry over APT attacks

But new technology critical to overcome limitations

The market for Intrusion Prevention Systems (IPS) will continue to grow on the back of more advanced designs and rising anxiety about the threat posed by advanced persistent threats (APTs), Frost & Sullivan has said.

The analyst's projections have the market's annual revenue rising from $1.21 billion (£800 million) in 2012 to around $2.44 billion by 2017, a health rise in a security market in which the systems have been put under pressure by alternatives such as improved firewalls and UTMs.

Frost & Sullivan's main explanation is a sudden interest in securing specific applications as a way of at least detecting more complex threats rather than stopping conventional malware.

Vendors had also invested in 'next generation' IPS capabilities -- known as 'NGIPS' - helping to reinforce their role as packet enforcers.

"NGIPS solutions are gaining acceptance owing to their ability to inspect traffic based on detailed contextual data such as application type and user identity, as well detecting malware for which there are no signatures or other detection methods available," said Frost & Sullivan's network security analyst, Chris Rodriguez.

"Optionally, many IPS products can provide basic web application firewall capabilities, data loss prevention, botnet detection, or distributed denial-of-service prevention services."

Frost and Sullivan doesn't say it but IPS has its detractors so the NGIPS story could be key.

A recent test of a clutch of current IPS systems by the University of Glamorgan found problems in the detection ability of some when pitted against simulated advanced evasion techniques (AETs), one form of attack used in generic APTs.

Specifically, they struggled to cope with AETs that work at the application layer.

But an update of the IPS to take account of this could still give enterprises an important degree of visibility into what is happening on their networks that was impossible with other, blocking-based technologies.

"Creating awareness on the benefits of next-generation solutions, which can fulfill customers' security, networking, and compliance requirements, will be crucial to accelerate uptake," said Rodriguez.

"Vendors must also build solutions that support network throughput speeds, and develop comprehensive strategies that will secure virtualization and cloud computing environments."

Join the CSO newsletter!

Error: Please check your email address.

Tags security

More about IntrusionIPS

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John E Dunn

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place