Testing Requirements

ICSA Labs network IPS testing has a three-fold focus: the device must provide ongoing vulnerability-based coverage protection for high severity vulnerabilities in enterprise software, introduce a minimal amount of latency, and provide logging, authentication, and other administrative functions. In the standard against which ICSA Labs tests, the Network IPS Enterprise Certification Testing Criteria, these three categories of requirements broaden into nearly 50 distinct requirements.

The criteria document refers to an evolving "vulnerability set". Though a network IPS may provide additional protections, the device must, at a minimum, protect against all exploits (and evasions) targeting the vulnerabilities in this list. This baseline vulnerability set currently consists of high severity vulnerabilities in software that is relevant to enterprise end users.

To attain certification, network IPS developers must meet the entire set of criteria requirements referred to above. However, developers may additionally choose to be tested against the optional vulnerability set. This set consists strictly of high severity client-side vulnerabilities in enterprise software.