How do you know that vendor claims about an appliance are justified? When selecting new network security equipment, independent third party research is a valuable resource. One of the best known organizations in the industry, NSS Labs, released their annual Next Generation Firewall (NGFW) test results today. The WatchGuard Firebox M4600 was “Recommended” In the 2017 Security Value Map™ (SVM). The Firebox scored above average in both security effectiveness and Total Cost of Ownership.
This is a widely anticipated report each year since the Austin Texas based company is recognized as the world’s leading provider of independent security research and analysis. Unlike general analyst firms like Gartner or Forrester, NSS does a hands-on technical evaluation of the security equipment in their lab each year. The report is not a simple rubber stamp approval of vendor claims. This year 4 out of the 13 vendors tested were rated as a “caution”.
NSS test results are often controversial. Vendors don’t always fully agree with the methodology used in the test reports or even the algorithms that define an overall score. At WatchGuard, our philosophy has always been to work closely with independent labs like NSS to look for ways to improve our product and to make it more robust, reliable, and effective at blocking security attacks.
NSS expanded the testing of evasions this year, which are techniques that attackers use to disguise and modify attacks at the point of delivery to avoid detection and blocking by security products. This year the NSS NGFW (version 7) expanded their test coverage of evasions, adding polymorphics like Shikata-Ga-Nai and Veil-Evasions and adding the popular evasion test site HTTP-Evader (http://http-evader.semantic-gap.de/). WatchGuard missed just one of the 137 evasion tests performed, whereas some of the other vendors missed on 10 or more of the evasion tests. We’ll continue to work on this and expect to have an update available in the near future.
For the second year running, the NGFW Group Test integrates the Cyber Advanced Warning System (CAWS) for continuous testing. CAWS is a cloud hosted software service that actively monitors and harvests live internet threats and attacks each day to find the most active attacks. The system then targets these attacks against environments that are protected by the most widely used security solutions in the industry. WatchGuard scored 99.87% in the CAWS portion of the testing.
Is this an NGFW or UTM test?
There is no common industry definition of NGFW, and there has long been confusion in the marketplace about the difference between NGFW and UTM. (See Prakash’s blog post on this topic late last year.) This test includes network security appliances that combine stateful firewall function, intrusion prevention, application control, anti-malware, and reputation services. Previously Anti-Malware was broken out as a separate option in the CAWS testing. But now it is included as part of the NGFW profiles for CAWS.
Enterprise Class Security
Specific results of the test are provided below but our positioning in the SVM is clear evidence of what we preach – WatchGuard provides enterprise-grade security at a price to performance ratio that is affordable for small-to-medium enterprises and distributed enterprises.
For detailed information, download the full report here: http://www.watchguard.com/nsslabs