Breach Detection System
BDS 2017 Comparative Report: Total Cost of Ownership

BDS 2017 Comparative Report: Total Cost of Ownership

This report is available through the Breach Detection Systems Subscription. All of our subscription options can be viewed here.

 

AUTHORS:

Thomas Skybakmoen

 

TECHNOLOGY DESCRIPTION:

Threat actors are demonstrating the capability to bypass protection offered by conventional endpoint and perimeter security solutions. Consequently, enterprises must evolve their network defenses to incorporate a different kind of protection, one that NSS Labs defines as a breach detection system (BDS).

Through constant analysis of suspicious code and identification of communications with malicious hosts, BDS can provide enhanced detection of advanced malware, zero-day attacks, and targeted attacks that could bypass defenses such as next generation firewalls, intrusion prevention systems, intrusion detection systems, antivirus/endpoint protection (including host IPS), and secure web gateways. Because of latency issues involved in this type of scanning, BDS typically operate out of band, in detection mode, implementing multiple techniques to analyze and report on malicious traffic.


REPORT OVERVIEW:

This report focuses on the Total Cost of Ownership (TCO) per Protected Mbps. NSS’ cost analysis includes a 3-Year TCO, which is based on:

  • Acquisition costs for the BDS and a central management system (CMS)
  • Fees paid to the vendor for annual maintenance, support, and signature updates
  • Labor costs for installation, maintenance, and upkeep

 

PRODUCTS EVALUATED:

The following products were evaluated:

  • Check Point Software Technologies 15600 Next Generation Threat Prevention & SandBlastTM (NGTX) Appliance R77.30
  • Cisco FirePower 8120 v.6 & Cisco AMP v.5.1.9.10430?
  • FireEye Network Security NX 10450 v7.9.2 & EX 8400 v7.9.0?
  • FireEye Network Security 6500NXES-VA v7.9.2
  • Fortinet FortiSandbox-2000E v.FSA 2.4.1 & FortiClient (APT Agent) v.5.6.0.1075?
  • Lastline Enterprise v7.25?
  • Trend Micro Deep Discovery Inspector Model 4000 v3.8 SP5 & OfficeScan (OSCE) v.12.0.1807

 

To learn how each vendor performed, download a copy of each individual Test Report. NSS clients can also download the BDS Comparative Reports on Performance, Security, and Security Value Map.

As with all NSS Labs group tests, there was no fee for participation. In addition, the test methodology applied is in the public domain to provide transparency and to help enterprises understand the results.

As with all NSS Labs group tests, there was no fee for participation. All testing was conducted independently and was not paid for by any vendor.