PUBLICATION & RESEARCH LIBRARY

Authors: Jason Pappalexis and Thomas Skybakmoen

Publish Date: February 25, 2014

The purchase of a security solution, such as an intrusion prevention system (IPS) or a next generation firewall (NGFW), is commonly based on four factors: protection, throughput, total cost of ownership (TCO), and enterprise management capabilities. This comparative analysis report focuses on the management component. The ability to manage an enterprise security environment effectively is critical to the success of the deployment and the effectiveness of the solution. With the correct design and implementation, enterprise management software can dramatically improve the ability to secure and manage the enterprise. By thoroughly evaluating the following key comparison points relating specifically to enterprise management solutions, enterprises can model the overall impact on network service level agreements (SLAs); estimate operational resource requirements to maintain and manage the systems; and better evaluate required the skill levels and competencies of personnel: Acquisition costs Installation cost Fees paid to the vendor for annual maintenance, support, and updates Day-to-day use (tasks such as administration, policy handling, log handling, alert handling, monitoring, reporting, analysis, auditing & compliance, maintenance, software updates, troubleshooting, etc.) Tuning (tasks such as policy creation, elimination of false positives, setting key alerting thresholds, etc.) This report is part of a series of Comparative Analysis Reports (CAR) on security, performance, management, total cost of ownership (TCO) and Security Value Map (SVM). In addition, a SVM Toolkit is available to NSS clients that allows for the incorporation of organization-specific costs and requirements to create a completely customized SVM.