We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

NSS Labs to offer security gear picks and pans

NSS Labs, which tests security products, today introduced what it's calling the "Security Value Map," a graphical evaluation of security gear based on the relative merit of each product's technical and cost advantage.

The first of these Security Value Maps is one for network intrusion-prevention systems (IPS), said Vik Phatak, CEO at NSS Labs. Like Gartner's Magic Quadrant, in which Gartner analysts categorize IT vendors and products based on its picks and pans, NSS Labs is also aiming to give its audience a quick take on how it thinks vendors and their security gear stand based on the lab's technical performance tests and cost-of-ownership evaluation.

Does 'shadow IT' lurk in your company?

"The quadrant-based chart indicates relative value and protection for each security product we tested," says Phatak. The 2012 SVM for Network Intrusion-Prevention Systems covers about 15 products, with the top ones for performance and lower cost as a whole are placed in the upper-right quadrant No. 1.

Found in that upper-right No. 1 quadrant are some IPS products from Sourcefire, Stonesoft, Fortinet, SonicWall, Palo Alto, McAfee, HP TippingPoint and Check Point (see graphic).

However, the Juniper IDP 8200 and Juniper SRX 3600, along with the IBM Gx7800, ended up in the lower left-hand quadrant No. 3, a place reserved for products that NSS Labs advise "caution" because in its estimation, the products performed "under average" and were not as attractive in terms of cost. The McAfee XC Cluster product, assigned way down in the No. 3 quadrant, got the worst spot on the SVM because during testing it "lacked stability" and simple "fell over," says Phatak.

In the 2012 SVM for Network IPS, no vendor product ended up in the second quadrant sector on the lower right, the area intended to include "below average" products whose prices are nonetheless "attractive."

The fourth quadrant in the upper left is reserved for "above average" products but whose price is also somewhat "above average." The Sourcefire Virtual IPS ended up there.

The SVM for Network IPS represents in consolidated graphic form the collective findings of the various written test results that NSS Labs makes available to subscribers, which include corporations wanting independent lab tests of security products. All the products are tested in the same time frame and with the same methodology, says Phatak. The SVM for network IPS represents about 3,500 man-hours of testing, he points out, plus an analysis of product costs based on "protected Mbps."

NSS Labs expects to issue more SVMs in the future, including ones for endpoint protection and next-generation firewalls. Phatak says he hopes the SVMs will become influential in somewhat the same way that Gartner Magic Quadrants are today, with enterprises putting stock in Gartner's picks.

He adds that since NSS Labs often relies on vendor loans of equipment to do its testing, some vendors have indicated they'd prefer to not participate. But NSS Labs subscribers increasingly are saying they don't want to buy gear unless it's tested, and this has gotten some reluctant vendors on board.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: @MessmerE. Email: [email protected]

Read more about wide area network in Network World's Wide Area Network section.


IDG UK Sites

Best Christmas 2014 UK tech deals, Boxing Day 2014 UK tech deals & January sales 2015 UK tech...

IDG UK Sites

LED vs Halogen: Why now could be the right time to invest in LED bulbs

IDG UK Sites

Christmas' best ads: See great festive spots studios have created to promote themselves and clients

IDG UK Sites

Stop running out of cellular data on your iPhone, see which apps use the most data