Implementation of intrusion prevention systems (IPS) can be a complex process with multiple factors affecting the overall performance of the solution. Each of these factors should be considered over the course of the useful life of the solution, including:
Where will it be deployed?
What is the predominant traffic mix?
What security policy is applied?

There is usually a trade-off between security effectiveness and performance; a product’s security effectiveness should be evaluated within the context of its performance (and vice versa). This ensures that new security protections do not adversely impact performance and security shortcuts are not taken to maintain or improve performance.

This report is part of a series of Comparative Analysis Reports (CAR) on security, performance, management, total cost of ownership (TCO), and Security Value Map (SVM). In addition, a SVM Toolkit is available to NSS clients that allows for the incorporation of organization-specific costs and requirements to create a completely customized SVM