PUBLICATION & RESEARCH LIBRARY

Authors: Morgan Dhanraj and Thomas Skybakmoen

Publish Date: November 6, 2017

Next generation intrusion prevention systems (NGIPS) must provide organizations with the ability to identify both the applications and the users on their internal networks. As with their predecessors, NGIPS must protect the enterprise user against threats/exploits. Designed to identify and block attacks against internal computing assets, a good NGIPS can provide temporary protection and relief from the immediate need to patch affected systems. The NGIPS must catch sophisticated attacks while producing as few false positives as possible.

Implementation of NGIPS solutions can be a complex process, with multiple factors affecting the overall performance of a solution. This Comparative Report provides data on factors affecting an NGIPS’ ability to perform, including:

  • Throughput
  • Connection rates ?
  • Latency
  • Real-world traffic mixes ?

The following products were evaluated:

  • Check Point Software Technologies 15600 R77.30
  • Cisco FirePOWER 8350 v6.2.0.1
  • Forcepoint NGFW 3301 v6.2.1
  • Fortinet FortiGate 600D v5.4.5
  • IBM QRadar Network Security XGS 5200 v5.4.0
  • McAfee IPS-NS9100 v9.1.5.3
  • Palo Alto Networks PA-5250 v8.0.3-h4
  • Trend Micro 7500NX v3.9.2.4784
  • Trend Micro 8400TX v5.0.0.4815

To learn how each vendor performed, download a copy of each Test Report. NSS clients can also download the NGIPS Comparative Reports on Security, Security Value Map, and Total Cost of Ownership (TCO).

As with all NSS Labs group tests, there was no fee for participation. In addition, the test methodology applied is in the public domain to provide transparency and to help enterprises understand the results.