A combination of design flaws and the failure of organisations to monitor and tune their intrusion detection systems means that up to 75% do not work, said Gartner. "Intrusion detection systems have failed. They have failed for years. We are still seeing the same failures in IDS today that were identified by black hat hackers 10 years ago," said Victor Wheatman, vice-president and research area director at Gartner.
Gartner predicted that the emphasis will shift away from intrusion detection systems to intrusion prevention systems.
"Intrusion detection is not a technology you can just turn on and expect it to protect you from then on. There are a lot of failures, and this is starting to matter as we move into intrusion prevention," said Wheatman.
Public key infrastructure may also have had its day, at least as a standalone technology, said Gartner. For most organisations, the cost and complexity of implementing PKI means it is "overkill" for identity authentication. Passwords are adequate for 80% of applications, the analyst firm said.
However, PKI will increasingly be incorporated into other technologies, such as smartcards, to provide strong, simple authentication services, said Wheatman.