Nearly 500 software and hardware vendors offer more than 1,700 security products and services. Some are spectacularly valuable; others are no more useful than an electric fork. It's difficult to keep track of them all, and even more difficult to learn which will make an important improvement in the defensive posture of your organization.

Prospective buyers want answers to questions such as:

• How well will the product reduce specific threats?
• How difficult is it to implement?
• How well does it work with other security and system management products?
• What can go wrong during an implementation?
• How good is technical support?

The only people who have good answers are those who actually use the products, but prospective users don't usually have access to those people. So to help each other and the community, more than 100 user organizations have begun sharing the lessons they learn in deploying dozens of security products.