Well written. As someone who works for a major IPS vendor - I can point out one more area in which Gartner was way off. Namely, the market sizing for the IPS industry. We are #1/#2 in the industry in terms of market share and by extrapolating from sales graphs and such it seems that IPS is nowhere close to the billion dollar market that Gartner said it would be. Another distinction that is obvious to an engineer but not to an analyst/VC type is that IPS is just a marketing buzzword. IPS = IDS with the option to drop packets and block flows. As for your comments on ncircle, I agree that they are limping. But I am not so sure they're addressing a niche any longer. The vulnerability assessment people (worked for one of those as well) are busy going after the compliance market -- which doesnt seem like so much of a niche given the kind of $$ enterprises are spending on SOX.
I kind of said the opposite: Gartner was right, and people stopping buying IDS. By your market share assertion, you either work for McAfee or TippingPoint; the combined IPS rev for McAfee, TippingPoint, IBM, and SourceFire is over $500MM.
I'm an engineer too, and I get that IDS and IPS are basically the same thing in different form factor, but product packaging, deal structure, and go-to-market are just as important as whether your pcap_loop hooks up to a switch fabric shared memory buffer or the BPF driver.
Sheer unstoppable excellence will always be valuable, but controlling for that, an IDS company (or a company tied to the fortunes of the IDS market) is a bad bet.
