CyberRatings.org announces Enterprise Firewall test results
CyberRatings.org announced the results of its recent Enterprise Firewall (EFW) evaluation, conducted by NSS Labs. The findings reveal a wide range in Security Effectiveness, with scores varying from 46.37% to 99.59%. The tests assessed seven leading enterprise firewall products using the Enterprise Firewall Test Methodology v3.0, examining their performance against numerous exploits and malware.
The evaluations covered encrypted enterprise-grade workloads, including 3,326 exploits, 11,311 malware samples, and 5,752 evasion techniques across 53 categories. The firewalls had to maintain operational stability throughout the testing process.
Key Findings
- Attackers Are Bypassing Defenses: While average block rates for exploits and malware surpassed 96%, three notable vendors Decentralized Identity (DID) not meet critical testing standards, impacting their effectiveness. Only three of the seven products received a Recommended rating.
- Evasion Vulnerabilities: Some common transport and network-layer evasion techniques circumvented widely deployed firewalls.
- Encrypted Threats: With over 95% of web traffic being encrypted, detection of threats within TLS/SSL sessions proved challenging for certain products, resulting in performance declines.
- Accuracy Matters: One product demonstrated only 80% accuracy in false-positive rates, potentially leading to increased operational costs and diminished trust in security alerts.
Vikram Phatak, CEO of CyberRatings.org, noted, “Enterprise Firewalls are constantly evolving to combat new attacker techniques and tools but sometimes that evolution takes a wrong turn. A vendor can have a near-perfect detection engine but if attackers can bypass that engine, it gives them a clear path through your defenses.”
NSS Labs serves as the Official Testing Partner of CyberRatings, using Keysight’s CyPerf tool for security, performance, Transport Layer Security (TLS) functionality, and stability testing for Enterprise Firewalls. Test reports are accessible on the CyberRatings.org website.