Intrusion prevention systems (IPSs) are becoming ubiquitous in the minds of enterprise buyers. However, the problems of intrusion detection systems (IDSs) have not gone away, and many organizations have an overinflated view of these systems. Moreover, the vendors and popular press continue to perpetuate numerous myths around this narrow but useful capability.
Event monitoring is of interest from both a security and an operations perspective, but to date they have tended to be implemented separately with different toolsets. This joint interest has given rise to vendors and enterprises exploring the convergence of these two capabilities. Although overlaps in technologies, requirements, and processes exist, significant differences remain, which will impede full convergence indefinitely.