CyberRatings.org reveals Enterprise Firewall evaluation results

CyberRatings.org announced the results of its latest Enterprise Firewall (EFW) evaluation, conducted by NSS Labs and now available at no cost on the CyberRatings.org website. The testing assessed seven leading Enterprise Firewall products using the Enterprise Firewall Test Methodology v3.0, revealing performance discrepancies.

The evaluations demonstrated a range in Security Effectiveness from 46.37% to 99.59%, indicating varied capabilities among the firewall products. Tests involved encrypted enterprise-grade workloads, incorporating 3,326 exploits, 11,311 malware samples, and numerous evasion techniques.

Key findings highlighted that while average block rates exceeded 96%, several vendors failed critical evasion tests, affecting defense reliability. Evasion vulnerabilities were observed, as common techniques bypassed multiple widely used firewalls. The need for precise detection was emphasized as over 95% of global web traffic is encrypted, complicating threat identification within TLS/SSL sessions.

Vikram Phatak, CEO of CyberRatings.org, commented on the challenges firewalls face against new attacker techniques, stating, “A vendor can have a near-perfect detection engine but if attackers can bypass that engine, it gives them a clear path through your defenses.” This underscores the necessity for continuous advancement in firewall technologies.

NSS Labs serves as the Official Testing Partner for CyberRatings, generating test results and reports. Their processes utilized proprietary testing tools to evaluate the security and stability of the firewalls.

The full Enterprise Firewall Test Reports, including the Comparative Report and Security Map, are accessible on CyberRatings.org.