Wade Williamson, product marketing manager at Palo Alto Networks (www.paloaltonetworks.com), says:

In addition to throughput, what are the essentials when it comes to purchasing an IPS?

IPS (intrusion prevention system) block rates should always be evaluated in context of throughput, and vice versa. IPS solutions are notoriously prone to performance degradation as the IPS rules become more stringent, and often vendors will advertise their best-case block rates and their best-case performance metrics even though they use very different configurations. To avoid this bait-and-switch, SMEs should look for third party testing of their solutions that show the real performance at the most stringent block rates. Managers will also need to research the quality of the IPS vendors’ research teams. These vendor researchers will be key in both discovering new vulnerabilities as well as quickly developing signatures for newly discovered threats.