The flagship system designed to protect the U.S. government's computer networks from cyberspies is being stymied by technical limitations and privacy concerns, according to current and former national-security officials.

The latest complete version of the system, known as Einstein, won't be fully installed for 18 months, according to current and former officials, seven years after it was first rolled out.

This system doesn't protect networks from attack. It only raises the alarm after one has happened.

A more capable version has sparked privacy alarms, which could delay its rollout. Since the National Security Agency acknowledged eavesdropping on phone and Internet traffic without warrants in 2005, security programs have been dogged by privacy concerns.

In the case of Einstein, AT&T Corp., which would test the system, has sought written approval from the Justice Department before it would agree to participate, people familiar with the matter say.

An AT&T spokesman declined to comment.

The total cost of the system, designed to protect all nonmilitary government computers, is classified, but officials familiar with the program said the price tag was expected to exceed $2 billion.

• Click here to read the rest of this story in the Wall Street Journal.