Get ready: Network-based intrusion prevention system (IPS) technology is due for an extreme makeover. IPSes have been a source of frustration for many enterprises for some time because they stop only known threats and frequently generate false positives and false negatives. Some organizations don’t even bother using an IPS: Joseph Foran, director of information technology for FSW, runs intrusion detection system (IDS) tools but not IPS. Security researchers haven’t been impressed with IPS technology, either. “I don’t have a lot of confidence in an IPS, nor do I recommend it to my clients,” says Sean Kelly, business technology consultant for Consilium1, which performs penetration tests for its clients. Paul Morville, vice president of product management for IPS vendor Arbor Networks, says today’s IPS technology will increasingly be folded into the service provider cloud, integrated into the network switch, and blended with related technologies, such as network access control (NAC).