As we get closer and closer to the end of 2009 businesses are beginning to reevaluate their security products. When evaluating products most companies have a clear picture of the features they want. So they look for products that offer those features. This seems logical but when you think about it, this method is actually one of the worst ways to select a product. Let me use the analogy of a car. When you are in the market for a new car there are certain features you must have.
You'll want an engine, four tires, power windows, anti-lock brakes etc. Now what if all you did was find a car that had all these features? You might end up with an engine that floods, tires that go flat, windows that don't work when it is cold or brakes that have cracked brake pads. Of course when you are looking for a car you are going to look at the quality of each feature not just if the feature is present.
Why then do IT administrators simply use a simple feature check list when purchasing a security (or other technology) solution? When evaluating any purchase, be it a car or a network security product, customers should try to understand the depth or quality of the features each prospective purchase has. What is the best way to do this? Sticking with the car analogy here are a few ways to evaluate a security product effectively. Industry reports/news items When you begin your search for a new car one of the first things you should do is look for news items related to the industry.
Have there been any serious recalls or safety problems? Is there a new model of a brand you like? You can do the same when searching for a security product. Google “network security” and look on the news pages and press release pages of the products you are short listing. This will give you an idea of what is going on with the companies and products you are looking at. Customer References Next you should talk to others you know who drive the type of cars you are interested in buying. Finding customer references may be easier with cars than with security products as you can easily determine what someone drive (just watch them get in their car), but companies don't advertise the security solution they are using on their website.
Ask other IT administrators you know what they use and what their opinion of this product is, look on network security forums to see what people are saying and check out the companies web page – more than likely they have a library of customer success stories telling you how the product solved the customers problems. Awards and Certifications Car companies know awards matter.
This is why so many car ads include information about what awards they have earned. Industry awards and certifications normally have clear guidelines for who will be recognized so if having a strong IPS is important to you, look for companies that have received awards for having a high performing IPS. Test Drive Of course all the research in the world can't replace a test drive.
Once you've seen the awards, heard the customer success stories and read the industry or analyst reports you'll want to test the product yourself. If the vendor doesn't allow for a free trial ask yourself why? What are they hiding? A company that is confident in their products' feature depth as well as its breadth should have an issue with you testing their product for a given amount of time. How else would you know if you will like how the product drives?
The original article/video can be found at You wouldn’t buy a car without test driving it first – would you?