a posting from Dark Reading in there Vulnerability Management section:
Layering security measures typically protects systems better: Research) by three University of Michigan graduate students in 2008, for example, found that using multiple antivirus engines result in much better protection than using a single program.
Yet, recent analysis by NSS Labs highlights that layering security devices rarely catches all attacks, and the attacks that manage to dodge defenses do so with regularity. The analysis–a survey of the company’s past tests of next-generation firewalls, intrusion prevention systems, and endpoint protection software–found that the tested products tended to fail in similar ways. While two products always performed better together than individually, their combined performances varied tremendously.
Overall, the lesson is that companies need to carefully select technologies to derive the greatest benefits from overlapping security measures, says Stefan Frei, research director at NSS Labs and the author of the analysis.
To read more click here: