The Gartner Magic Quadrant’s Intrusion Detection and Prevention Systems (IDPS) category is relatively new. But it’s not without its rough beginnings.
In fact, Gartner predicted the demise of the entire precursor to this category back in 2003 because, at the time, intrusion prevention systems (IPS) and intrusion detection systems (IDS) were just not delivering the additional layer of security promised.
Rather than dying out as Gartner predicted, IDPS adapted and evolved, taking advantage of the shift to the cloud. The 2018 IDPS Magic Quadrant reflects these changes in the market with new criteria that highlight up-and-coming companies, like Alert Logic, that are adapting their IDPS technologies to meet the needs of the market.
Overview of the IDPS Market and Gartner’s MQ
The Intrusion Detection and Prevention Systems market consists of stand-alone physical and virtual appliances that work to inspect network traffic on-premises or in public cloud environments. IDPS technologies inspect traffic that passes through perimeter security devices like firewalls, secure email gateways, and secure web gateways.
These IDPS appliances provide detection to uncover unwanted and malicious traffic through a number of methods, including:
- Protocol Anomaly Detection
- Behavioral Monitoring and Heuristics
- Advanced Threat Defense (ATD) Integration
- Threat Intelligence (TI)
One of the primary benefits of this type of technology is its ability to detect and block attacks using various techniques. Leading IDPS products adapt to changing threats, evolving in response to advanced targeted threats that might have evaded first-generation IDPS appliances.
Gartner’s 2018 IDPS Magic Quadrant focuses on stand-alone IDPS appliances, which it forecasts will start shrinking in the next few years. However, the technology itself is deployed on various platforms in multiple form factors. Other network security products often deliver IDPS capabilities in addition to other features.
The criteria for the IDPS Magic Quadrant have changed over time, moving from a focus on speed and inline operations to an emphasis on cloud use cases and machine learning detection, based on the shift in the market.
The Challenger Quadrant: Up-and-Coming Talent
Gartner recognizes Alert Logic as one of the up-and-coming IDPS providers in the Challenger quadrant. Placed in the far-right area of the Challengers square for “Completeness of Vision,” Alert Logic beats out NSFOCUS for “Ability to Execute.”
This is a notable improvement from Alert Logic’s rank in 2017 as a Niche Player.
Gartner recognizes Alert Logic’s investment in applying machine learning to the IDS event stream. This reduces the number of events that will need to be reviewed by human analysts while also helping teams contain attacks in a shorter period of time by correlating incidents of compromise.
Gartner’s report also points out how quickly Alert Logic can be deployed using prebuilt integrations with popular orchestration platforms like Chef, Puppet, and Ansible. Additionally, the ability to deploy and rapidly shift existing deployments makes Alert Logic well suited for agile environments. Gartner also highlights Alert Logic’s strengths in public cloud and virtualized environments as well as its ease of use.
IDPS solutions can be either proactive or reactive. Alert Logic provides a proactive solution, which sets it apart from other companies in the IDPS market. Rather than waiting for threats to come to you, Alert Logic is a managed solution that proactively seeks these threats out to prevent them from causing serious damage.
IDPS isn’t Dead, It’s Evolving
It’s clear that IDPS technologies have not died off as Gartner originally predicted. Instead, they have adapted and evolved to provide better protection, adjusting and updating based on the needs of end users. Ultimately, choosing a proactive IDPS provider can make all the difference in protecting your network.
Alert Logic is a new talent that is making a name for itself in the Gartner landscape. Gartner’s MQ report highlights Alert Logic as one of the first vendors to use analytics and machine learning for postprocessing IDS event streams.