Network IPS tests uncover appliance weaknesses

NSS Labs released its latest Network Intrusion Prevention System (IPS) Comparative Group Test Report for the fourth quarter of 2009. The report evaluates 15 NIPS products from seven vendors on their effectiveness, performance, and total cost of ownership.

Designed to identify and block attacks against organizational assets such as servers, applications, and databases, IPS products are a critical part of an organization’s layered security strategy. With increasing vulnerability disclosures in widely-deployed operating systems, applications, and even security products, IPS products can afford an organization temporary protection and relief from the immediate need to patch affected systems.

All leading IPS vendors were invited to participate in the test at no cost. Using its real-world testing methodology, NSS Labs compared the products head-to-head against 1,159 live, enterprise-class exploits. Products were tested using the vendor’s default or “recommended” settings and then again as tuned by a vendor representative.

Products tested in the report include:

  • Cisco IPS 4260 Sensor
  • IBM Proventia Network IPS GX4004
  • IBM Proventia Network IPS GX6116
  • Juniper Networks IDP-250
  • Juniper Networks IDP-600c
  • Juniper Networks IDP-800
  • McAfee M-1250
  • McAfee M-8000
  • Sourcefire 3D 4500 Network IPS
  • Stonesoft StoneGate IPS-1030
  • Stonesoft StoneGate IPS-1060
  • Stonesoft StoneGate IPS-6105
  • TippingPoint TP 10 IPS
  • TippingPoint 660N IPS
  • TippingPoint 2500N IPS.

Key findings from the report show:

  • Organizations that do not tune their IPS products could be missing up to 44 percent of “catchable” attacks.
  • Vendors overstated their product performance levels by 12 to 50 percent.
  • The protection effectiveness, performance, and labor required of lower-priced products rarely make them a better value.
  • Product guidance from NSS Labs on each product, indicated as “Recommended,” “Neutral,” or “Caution.”

Copies of the IPS Comparative Group Test Report are available for $1,800 per copy until December 31, 2009 (normally $2,500 per copy). Individual Product Test Reports providing the details of a specific product’s results are available for $600 per copy.

Don't miss