Home » Computer & Software » Hardware » Are Next Generation Firewalls Ready for the Enterprise?
Ihren XING-Kontakten zeigen

Are Next Generation Firewalls Ready for the Enterprise?

AUSTIN, TX — (Marketwire) — 10/18/12 — NSS Labs today released the final results and analysis from its 2012 Group Test for Next Generation Firewall (NGFW), which evaluated products from 8 leading NGFW vendors. This was the first group test conducted by NSS Labs for NGFW and results show that many products in the market need to mature in order to be ready for effective enterprise deployments.

View the .

While the changing threat landscape and ever-growing use of Web 2.0 technologies increasingly challenge traditional firewalls to evolve, NSS Labs concludes that current NGFW features, such as more granular application controls, frequently come with trade-offs. Testing reveals that most of the available NGFW solutions fall short in performance and security effectiveness when compared to combining traditional dedicated legacy firewalls and intrusion prevention systems (IPS).

Few NGFWs are ready for “prime time”: Only 50% of the NFGWs tested scored over 90% in security effectiveness vs. 75% of major IPS vendors in the dedicated IPS group.

Convenient configurations mean less protection: NSS Labs research shows that IPS features in NGFWs are seldom tuned and the devices are often deployed using vendors- default or recommended policy settings, creating significant gaps in coverage between NGFWs and dedicated firewall and IPS devices.

Vendor claims are often exaggerated: Of the 8 products tested, 5 performed well below vendors- throughput claims. Maximum connection rates were lower than preferred in all products tested — revealing a major concern; NGFWs must improve performance before they are ready for large enterprise deployments.

“Vendors turned in a good first showing, however there is significant room for NGFW technologies as a whole to improve before they are widely deployed in large enterprises,” said Francisco Artes, Research Director at NSS Labs. “It-s natural for enterprises to consider NGFW technology as their existing firewall and IPS defenses near replacement or renewal. However, until vendors improve overall stability, leakage, performance and security effectiveness, customers will be better served taking an incremental approach to introducing NGFW products to their networks.”

The 2012 NGFW Security Value Map, Comparative Analysis Reports, and Product Analysis Reports for each vendor are currently available to NSS Labs- subscribers at .

The products covered in the 2012 NGFW Group Test are:

Barracuda NG Firewall F900

CheckPoint 12600

Fortinet FortiGate 3140B

Juniper SRX 3600

Palo Alto PA-5020

SonicWALL SuperMassive E10800

Sourcefire 3D8250

Stonesoft StoneGate FW-1301

NSS Labs, Inc. is the world-s leading information security research and advisory company. We deliver a unique mix of test-based research and expert analysis to provide our clients with the information they need to make good security decisions. CIOs, CISOs, and information security professionals from many of the largest and most demanding enterprises rely on NSS Labs- insight, every day. Founded in 1991, the company is located in Austin, Texas. For more information, visit .

© 2012 NSS Labs, Inc. All rights reserved. All brand, product and service names are the trademarks, registered trademarks, or service marks of their respective owners.

ReseAnne Sims
Senior Marketing Manager
NSS Labs
Phone: +1 (832) 741-7373

You must be logged in to post a comment Login


Blogverzeichnis - Blog Verzeichnis bloggerei.de Blog Top Liste - by TopBlogs.de Bloggeramt.de blogoscoop