Breach Prevention System
BPS 2017 Comparative Report: Security Value Map™

BPS 2017 Comparative Report: Security Value Map™

This report is available through the Breach Prevention System Category Subscription.  All of our subscription options can be viewed here.

 

AUTHORS:

Thomas Skybakmoen, William Dean Freeman, Jessica Williams

 

TECHNOLOGY DESCRIPTION:

Threat actors are demonstrating the capability to bypass protection offered by conventional endpoint and perimeter security solutions. Enterprises must in turn evolve their defenses to incorporate a different kind of protection, one that NSS Labs defines as a breach prevention system (BPS). A BPS is an integrated solution that leverages multiple modern technologies such as cloud and on-premises sandboxing, emulation, and machine learning. These technologies are leveraged in conjunction with traditional deep inspection and/or access control blocking technologies such as next generation firewalls (NGFWs) and next generation intrusion prevention systems (NGIPS) that act as enforcement points. In addition, most BPS have integrated endpoint technology which enables them to block attacks that would not otherwise be seen by a network device.


REPORT FOCUS:

Empirical data from individual Test Reports and Comparative Reports is used to create NSS Labs’ unique Security Value Map™ (SVM). The SVM illustrates the relative value of security investment by mapping the Security Effectiveness and the Total Cost of Ownership (TCO) per Protected Mbps (Value) of tested product configurations. 

 

PRODUCTS EVALUATED:

The following products were evaluated:

  • Check Point Software Technologies 15600 Next Generation Threat Prevention & Sandblast (NGTX) Appliance R77.30
  • Cisco FirePOWER 8350 v6.1.0.1 with Cisco AMP v5.1.12.10483
  • Fortinet Advanced Threat Protection (FortiSandbox Cloud with FortiGate 600D v5.6.1, Fortimail Virtual Appliance v5.4.0 and Forticlient ATP Agent v5.6.1.1112)
  • Juniper Networks SRX1500 v15.1X49-D90.7 with Sky ATP
  • Palo Alto Networks PA-5220, PAN OS 8.0.3-h4 with Traps v4.1.0.28239

 

To learn how each vendor performed, download a copy of each Test Report. NSS clients can also download the BPS Comparative Reports on Performance, SecuritySecurity Value Map, and TCO.

As with all NSS Labs group tests, there was no fee for participation. In addition, the test methodology applied is in the public domain to provide transparency and to help enterprises understand the results. .

As with all NSS Labs group tests, there was no fee for participation. All testing was conducted independently and was not paid for by any vendor.