PUBLICATION & RESEARCH LIBRARY

Home Publication & Research Library

BPS 2017 Comparative Report: Total Cost of Ownership

Authors: Jessica Williams, Thomas Skybakmoen and William Dean Freeman

Publish Date: December 12, 2017

This report is available through the Breach Prevention System Category Subscription.  All of our subscription options can be viewed here.

TECHNOLOGY DESCRIPTION:

Threat actors are demonstrating the capability to bypass protection offered by conventional endpoint and perimeter security solutions. Enterprises must in turn evolve their defenses to incorporate a different kind of protection, one that NSS Labs defines as a breach prevention system (BPS). A BPS is an integrated solution that leverages multiple modern technologies such as cloud and on-premises sandboxing, emulation, and machine learning. These technologies are leveraged in conjunction with traditional deep inspection and/or access control blocking technologies such as next generation firewalls (NGFWs) and next generation intrusion prevention systems (NGIPS) that act as enforcement points. In addition, most BPS have integrated endpoint technology which enables them to block attacks that would not otherwise be seen by a network device.

REPORT FOCUS:

Implementation of a BPS solution can be a complex process, with multiple factors affecting the overall cost of deployment, maintenance, and upkeep. This report focuses on the Total Cost of Ownership (TCO) per Protected Mbps. NSS’ cost analysis includes a three-year TCO, which is based on:

  • Acquisition costs for the BPS and a central management system (CMS)
  • Fees paid to the vendor for annual maintenance, support, and software/hardware updates
  • Labor costs for installation, maintenance, and upkeep

 

PRODUCTS EVALUATED:

The following products were evaluated:

  • Check Point Software Technologies 15600 Next Generation Threat Prevention & Sandblast (NGTX) Appliance R77.30
  • Cisco FirePOWER 8350 v6.1.0.1 with Cisco AMP v5.1.12.10483
  • Fortinet Advanced Threat Protection (FortiSandbox Cloud with FortiGate 600D v5.6.1, Fortimail Virtual Appliance v5.4.0 and Forticlient ATP Agent v5.6.1.1112)
  • Juniper Networks SRX1500 v15.1X49-D90.7 with Sky ATP
  • Palo Alto Networks PA-5220, PAN OS 8.0.3-h4 with Traps v4.1.0.28239

 

To learn how each vendor performed, download a copy of each Test Report. NSS Labs clients can also download the BPS Comparative Reports on Performance, SecuritySecurity Value Map, and TCO.

 

As with all NSS Labs group tests, there was no fee for participation. In addition, the test methodology applied is in the public domain to provide transparency and to help enterprises understand the results.