The implementation of Breach Detection Systems (BDS) can be a complex process, with multiple factors affecting the overall cost of deployment, maintenance, and upkeep. Enterprises should include total cost of ownership (TCO) as part of their evaluations, focusing on the following at a minimum. Acquisition costs for BDS network devices and or agents, and central management system (CMS) Fees paid to the vendor for annual maintenance, support and signature updates Labor costs for installation, maintenance and upkeep No breach detection systems deliver the same Security Effectiveness or performance, making precise comparisons extremely difficult. In order to capture the relative value of devices on the market and facilitate such comparisons, NSS Labs has developed a unique metric to enable value-based comparisons: TCO per Protected Mbps. Within a given performance range (detection time), clear guidance is provided as to whether a product's price is higher or lower than the majority of its competitors. A high price could indicate a premium based upon Security Effectiveness, brand recognition, level of customer service. Conversely, a high price could also be a penalty for purchasing an underperforming product. By using total cost of ownership (TCO) instead of purchase price, it is possible to factor in management of the device via labor costs associated with product installation, maintenance, and upkeep. This metric is used extensively in the following sections to evaluate cost of security, throughput, and 3-year TCO. The benefit from this analysis is that, within a given performance range, it can provide some insight as to whether a product is priced above or below the majority of its competitors. A high price could indicate a premium based upon protection offered (in the case of passive devices like BDS, this refers to the detection rate), brand recognition, level of customer service, or a price penalty for an underperforming product. Security Effectiveness = Detection Rate1 x Evasions x Stability & Reliability TCO per Protected Mbps = 3-Year TCO/(Security Effectiveness x NSS-Tested Throughput) This report is part of a series of Comparative Reports on security, performance, total cost of ownership (TCO) and Security Value Map (SVM). In addition, a SVM Toolkit is available to NSS clients that allows for the incorporation of organization-specific costs and requirements to create a completely customized SVM.