When you buy a sports car, it's a no-brainer that you'll take it for a test drive to make sure you like the way it handles, the comfort level and its performance. And if you're like me, when purchasing a security . . .
When you buy a sports car, it's a no-brainer that you'll take it for a test drive to make sure you like the way it handles, the comfort level and its performance. And if you're like me, when purchasing a security product for your company, you show the same due diligence to make sure you're getting the performance you need.

My company recently tested and acquired a network-based intrusion-detection system (IDS). Over the past few months, I've received many e-mails from readers asking me to explain the performance-testing methodology I used, so I've decided to share how I tested our network-based IDS. (A network-based IDS server watches traffic destined for all host systems on a subnet, while a host-based IDS typically runs on each host system to be protected.)

Performance is only one possible criterion for choosing an IDS. Depending on the level of expertise of you and your staff and the amount of resources available, your requirements and testing criteria may be different from mine. You might focus on ease of use and strong reporting, ease of creating new attack signatures or price.

The link for this article located at Computer World is no longer available.