Publish Date: April 20, 2015
Implementation of next-generation intrusion prevention system (NGIPS) solutions can be a complex process with multiple factors affecting the overall security effectiveness of the solution. The following factors should be considered over the course of the useful life of the solution: Deployment use cases: Will the NGIPS be deployed to protect servers, desktop clients, or both? How old are the operating systems and applications? ?Defensive capabilities in the deployment use cases (exploit block rate) Anti-evasion capabilities (resistance to common evasion techniques) Device stability and reliability In order to determine the relative security effectiveness of devices on the market and facilitate accurate product comparisons, NSS Labs has developed a unique formula: Security Effectiveness = Exploit Block Rate1 x Evasions x Stability & Reliability By focusing on overall security effectiveness instead of the exploit block rate alone, NSS is able to factor in the ease with which defenses can be bypassed, as well as the reliability of the device.