NSS Labs to offer security gear picks and pans

NSS Lab Security Value Map

NSS Labs, which tests security products, today introduced what it's calling the "Security Value Map," a graphical evaluation of security gear based on the relative merit of each product's technical and cost advantage.

The first of these Security Value Maps is one for network intrusion-prevention systems (IPS), said Vik Phatak, CEO at NSS Labs. Like Gartner's Magic Quadrant, in which Gartner analysts categorize IT vendors and products based on its picks and pans, NSS Labs is also aiming to give its audience a quick take on how it thinks vendors and their security gear stand based on the lab's technical performance tests and cost-of-ownership evaluation.

Does 'shadow IT' lurk in your company?

"The quadrant-based chart indicates relative value and protection for each security product we tested," says Phatak. The 2012 SVM for Network Intrusion-Prevention Systems covers about 15 products, with the top ones for performance and lower cost as a whole are placed in the upper-right quadrant No. 1.

Found in that upper-right No. 1 quadrant are some IPS products from Sourcefire, Stonesoft, Fortinet, SonicWall, Palo Alto, McAfee, HP TippingPoint and Check Point (see graphic).

Security Value Map

However, the Juniper IDP 8200 and Juniper SRX 3600, along with the IBM Gx7800, ended up in the lower left-hand quadrant No. 3, a place reserved for products that NSS Labs advise "caution" because in its estimation, the products performed "under average" and were not as attractive in terms of cost. The McAfee XC Cluster product, assigned way down in the No. 3 quadrant, got the worst spot on the SVM because during testing it "lacked stability" and simple "fell over," says Phatak.

In the 2012 SVM for Network IPS, no vendor product ended up in the second quadrant sector on the lower right, the area intended to include "below average" products whose prices are nonetheless "attractive."

The fourth quadrant in the upper left is reserved for "above average" products but whose price is also somewhat "above average." The Sourcefire Virtual IPS ended up there.

The SVM for Network IPS represents in consolidated graphic form the collective findings of the various written test results that NSS Labs makes available to subscribers, which include corporations wanting independent lab tests of security products. All the products are tested in the same time frame and with the same methodology, says Phatak. The SVM for network IPS represents about 3,500 man-hours of testing, he points out, plus an analysis of product costs based on "protected Mbps."

NSS Labs expects to issue more SVMs in the future, including ones for endpoint protection and next-generation firewalls. Phatak says he hopes the SVMs will become influential in somewhat the same way that Gartner Magic Quadrants are today, with enterprises putting stock in Gartner's picks.

He adds that since NSS Labs often relies on vendor loans of equipment to do its testing, some vendors have indicated they'd prefer to not participate. But NSS Labs subscribers increasingly are saying they don't want to buy gear unless it's tested, and this has gotten some reluctant vendors on board.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: @MessmerE. Email: emessmer@nww.com.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2012 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)