August 14, 2012, 6:45 AM — NSS Labs, which tests security products, today introduced what it's calling the "Security Value Map," a graphical evaluation of security gear based on the relative merit of each product's technical and cost advantage.
The first of these Security Value Maps is one for network intrusion-prevention systems (IPS), said Vik Phatak, CEO at NSS Labs. Like Gartner's Magic Quadrant, in which Gartner analysts categorize IT vendors and products based on its picks and pans, NSS Labs is also aiming to give its audience a quick take on how it thinks vendors and their security gear stand based on the lab's technical performance tests and cost-of-ownership evaluation.
"The quadrant-based chart indicates relative value and protection for each security product we tested," says Phatak. The 2012 SVM for Network Intrusion-Prevention Systems covers about 15 products, with the top ones for performance and lower cost as a whole are placed in the upper-right quadrant No. 1.
Found in that upper-right No. 1 quadrant are some IPS products from Sourcefire, Stonesoft, Fortinet, SonicWall, Palo Alto, McAfee, HP TippingPoint and Check Point (see graphic).
However, the Juniper IDP 8200 and Juniper SRX 3600, along with the IBM Gx7800, ended up in the lower left-hand quadrant No. 3, a place reserved for products that NSS Labs advise "caution" because in its estimation, the products performed "under average" and were not as attractive in terms of cost. The McAfee XC Cluster product, assigned way down in the No. 3 quadrant, got the worst spot on the SVM because during testing it "lacked stability" and simple "fell over," says Phatak.
In the 2012 SVM for Network IPS, no vendor product ended up in the second quadrant sector on the lower right, the area intended to include "below average" products whose prices are nonetheless "attractive."
The fourth quadrant in the upper left is reserved for "above average" products but whose price is also somewhat "above average." The Sourcefire Virtual IPS ended up there.
The SVM for Network IPS represents in consolidated graphic form the collective findings of the various written test results that NSS Labs makes available to subscribers, which include corporations wanting independent lab tests of security products. All the products are tested in the same time frame and with the same methodology, says Phatak. The SVM for network IPS represents about 3,500 man-hours of testing, he points out, plus an analysis of product costs based on "protected Mbps."