NGIPS Market Trends and Group Test Results
NGIPS Public Group Test v2.0: Testing, Trends, Use Case, and Evolution
@nsslabs Thomas Skybakmoen | Distinguished Research Director, NSS Labs
Who is NSS Labs?
Research & Advisory
• Solution trends
• Best practice solution architecture guidance
• Analyst inquiries
• Security advisory days
• Webinars/education
Objective Purchase Insight
• Product modeling
• RFP templates
• TCO modeling kits
Security Vendor Testing
• Security efficacy
• Solution performance
• Cost of ownership
Cyber Advanced Warning System™
• Continuous exploit visibility
• Continuous target asset identification
• Continuous security measurement
• Product comparatives
• SaaS or API
NSS Labs Testing: Timeline and Process
• Coverage and tests are growing – 10+ years of security testing
o 2016 – 6+ tests, 40+ vendors, 40+ devices
• Workflow for test development:
1. Market assessment
2. Primary research
3. Enterprise planning
4. Methodology
5. Test harness development
6. Group test, aggregate, review
7. Publish results
Next Generation IPS (NGIPS) Defined
• Traditional IPS plus:
o Application control
o User identification
o Threat intelligence integration
[Figure: Key next generation characteristics: user identification, application control, reputation]
Key Market Drivers
• Security effectiveness
o Increasingly complex threat landscape
• Improve security workflow
o Integration with signature-less products, SIEM, IR
• Flexible architecture
o Internal data center traffic plus perimeter
Current State of the Market (CY2015)
• Market size:
o US$1,436M
• Current buyers:
o Large enterprise and enterprise accounted for 77% of total sales in 2015
o Maturing market
Cisco 40.1%
Intel Security 23.2%
IBM 14.7%
Trend Micro 11.9%
Others 10.1%
NGFW Group Test
• Product Reports released
• Comparative Reports released
• Live Testing Security Comparative results from NSS’ Cyber Advanced Warning System
• SVM Security Value Map
[Figure labels: Vendor A to Vendor E; Security Effectiveness; Performance; Total Cost of Ownership; Product Reports; Comparative Reports]
NGIPS Group Test v2.0: Summary
• What was tested?
o 8 market-leading products from 8 vendors
o Products had to meet NGIPS definition
o NSS Ratings: 4 Recommended, 2 Neutral, 2 Caution
• What made this test different?
o Updated Strike Packs
o Updated evasion harness
o Included live components (CAWS)
• What do the results tell us?
o Market-leading products are keeping up with evolving threat landscape
o Dedicated appliances still fulfill some important use cases (e.g., protecting critical network segments)
Group Test Results: Definitions
• TCO
o Purchase
o Maintenance – incl. subscription fees
o Administration – incl. installation and tuning
• Security Effectiveness equation
o Exploit Block Rate * Evasions * Stability & Reliability
• TCO per Protected Mbps
o Equation: (3-Year TCO) / (Security Effectiveness x NSS Tested Throughput)
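The two equations above, applied to a set of devices to show how ranking by TCO per Protected Mbps differs from ranking by raw cost per Mbps. This is an added example, not NSS Labs code; it assumes each effectiveness factor is a fraction between 0 and 1, and the class, function names and device figures are constructed for illustration.

```python
from dataclasses import dataclass
import math

@dataclass(frozen=True)
class DeviceResult:
    name: str
    tco_3yr_usd: float      # purchase + maintenance + administration over 3 years
    block_rate: float       # exploit block rate as a fraction (assumed 0..1)
    evasions: float         # evasion resistance as a fraction (assumed 0..1)
    stability: float        # stability & reliability as a fraction (assumed 0..1)
    throughput_mbps: float  # NSS tested throughput

    def security_effectiveness(self) -> float:
        factors = {"block_rate": self.block_rate, "evasions": self.evasions,
                   "stability": self.stability}
        for label, value in factors.items():
            if not 0.0 <= value <= 1.0:
                raise ValueError(f"{self.name}: {label}={value} is outside [0, 1]")
        # Multiplicative: one weak factor drags the whole score down.
        return self.block_rate * self.evasions * self.stability

    def raw_cost_per_mbps(self) -> float:
        # Cost per Mbps with no adjustment for what the device actually stops.
        if self.throughput_mbps <= 0:
            return math.inf
        return self.tco_3yr_usd / self.throughput_mbps

    def tco_per_protected_mbps(self) -> float:
        protected = self.security_effectiveness() * self.throughput_mbps
        # Zero effectiveness protects no traffic, so the cost is unbounded.
        return math.inf if protected <= 0 else self.tco_3yr_usd / protected

def rank(devices, key):
    """Return device names ordered from lowest to highest cost under `key`."""
    return [d.name for d in sorted(devices, key=key)]

# Constructed sample results, not figures from any NSS Labs report.
SAMPLE = [
    DeviceResult("Device A", 400_000, 0.99, 1.00, 1.00, 10_000),
    DeviceResult("Device B", 150_000, 0.95, 0.50, 1.00, 5_000),
    DeviceResult("Device C", 100_000, 0.98, 0.00, 1.00, 8_000),
]

if __name__ == "__main__":
    print("raw:      ", rank(SAMPLE, DeviceResult.raw_cost_per_mbps))
    print("protected:", rank(SAMPLE, DeviceResult.tco_per_protected_mbps))
```

With these constructed figures the device that is cheapest per raw Mbps ranks last once its failed evasion score is multiplied in.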
NGIPS v2.0: Trends in 2016
• Maturing market with few new entrants
• “Next-generation” features beginning to commoditize
• Differentiation through meeting stringent performance requirements
NGIPS: Worth the Investment?
• Architecturally straightforward and well understood
• Providing visibility into traffic is increasingly important
• Designed to perform on largest links
• TCO is predictable and dropping
• Part of overall platform: perimeter, internal, agent