Business Services Industry

The NSS Group Announces Results of Second Multi-Vendor IPS Group Test

Business Wire, Feb 14, 2005

LONDON -- Test Included Nine Participants, Witnessing: Four Failures; Five NSS Approved Awards; and the First Sighting of 2-8Gbps IPS Devices

The NSS Group, the world's leading independent security testing laboratory, today announced the completion and results of the second round of its comprehensive third party evaluation of intrusion detection and prevention (IPS) products. The entire report is available to view free of charge on-line at www.nss.co.uk/ips, and PDF and CD versions are also available.

Related Results

Just one year ago, Edition 1 of the IPS Group Test included five products - the entire complement of the test, and probably the entire market at that time. Almost immediately the market began to grow, and nine vendors signed up for Edition 2. However, four of them failed the stringent tests leaving the five which can be seen in the new report -- BroadWeb, Fortinet, SecureSoft, Top Layer Networks and V-Secure.

Already, there are ten vendors signed up for Edition 3 of the report, and seven for the new Multi-Gigabit IPS report for which testing begins later this year. This is definitely not a stagnant market!

"It is interesting to note that between publishing Edition 1 and Edition 2 the analyst groups who were previously so sure that IDS was dead and IPS stillborn have now come around to our way of thinking," said Head of the NSS Group Security Testing Lab in France, and author of the report, Bob Walder. "While the so-called 'deep inspection firewalls' are not ready for prime-time deployments, security administrators need to make the best use of the technology that is available, and for now that means a combination of firewalls, in-line intrusion prevention devices and intrusion detection systems. They are likely to be in use for quite some time to come, too!"

The NSS IPS Group Test evaluates the performance, reliability, security effectiveness and usability of Network IPS products. The test consists of seven sections within three primary areas: performance and reliability; security accuracy; and usability.

Overall, the brand new test suite contains more than 800 individual tests, many of which are run multiple times, to provide the most thorough and complete evaluation anywhere of IPS products available today. This edition also sees the introduction of a new Rate-Based IPS methodology to complement the existing Content-Based IPS methodology used in Edition 1. This has allowed NSS to more accurately test Rate-Based/Attack Mitigation products, and two devices were tested against this new methodology in the latest report (one of them - Top Layer Networks' Attack Mitigator IPS 5500 - actually tested against both methodologies - a first in NSS testing).

It should be noted that not every product submitted for testing receives an NSS Approved award. Pushing the products under test to their limits in a heavily-utilized network certainly produced some interesting results, and posed problems for some vendors. Standards are very high, and almost 50 percent of the products (four out of nine) submitted for this year's test failed at some point - only the five products included in the final Edition 2 report were awarded NSS Approved.

"It was interesting to note that, whereas last year we were seeing top speeds of 1-2Gbps, this year we are starting to see devices that can go well beyond that limit and which are looking over-engineered for Gigabit environments," continued Walder. "The NSS Group is launching a Multi-Gigabit IPS test later this year to look specifically at these kinds of enterprise/carrier-class devices. At the same time, we are seeing more fractional-Gigabit and 100Mbps devices appearing, which would indicate a willingness for this type of technology to be accepted in low-end environments, such as SME and branch-office scenarios."

"We believe that our IPS test methodologies will become the de facto standard for testing in-line Intrusion Prevention/Attack Mitigation devices, and the NSS Approved logo an essential item on the list of requirements when purchasing these products," added Walder.

About The NSS Group

The NSS Group is the world's foremost independent security testing facility. With British headquarters, and security and network infrastructure testing facilities in the South of France, The NSS Group offers a range of specialist IT, networking and security-related services to vendors and end-user organizations world-wide. The NSS Group security testing laboratories are available to vendors and end-users for fully independent testing of networking, communications and security hardware and software.

Output from the labs, including detailed research reports, articles and white papers on the latest network and security technologies, are made available on the NSS web site at http://www.nss.co.uk. The NSS Group awards are recognised world-wide as being the most desirable and essential when it comes to security products. Vendors consider the awards to be a crucial step in any security-related marketing campaign, whilst increasing feedback from readers of the reports indicates that participation in an NSS Group test and/or one of the above awards is a prerequisite for any security product in order to be considered for purchase.

COPYRIGHT 2005 Business Wire
COPYRIGHT 2008 Gale, Cengage Learning

 

BNET TalkbackShare your ideas and expertise on this topic

Please add your comment:
  1. You are currently: a Guest |
  4.  

Basic HTML tags that work in comments are: bold (<b></b>), italic (<i></i>), underline (<u></u>), and hyperlink (<a href></a)

advertisement
Click Here
advertisement
  • Click Here
  • Click Here
  • Click Here
advertisement
Click Here

Content provided in partnership with Thompson Gale

Presented by American Express