CyberRatings.org updates Fortinet and Palo Alto Networks enterprise firewall ratings

CyberRatings.org released updated evaluations for the Fortinet FortiGate-200G and Palo Alto Networks PA-1410 enterprise firewalls, reflecting improvements in their performance and security ratings.

The reassessment resulted in both devices moving from a Caution status to Recommended, highlighting changes made to address prior concerns related to evasion resistance identified in tests conducted by NSS Labs.

Fortinet enhanced its Intrusion Prevention System (IPS) capability by updating its signature package, increasing exploit evasion resistance from 60% to 100%, and raising overall security effectiveness to 99.24%. Palo Alto Networks upgraded its PAN-OS firmware from version 11.2.8-c537 to 11.2.10-c37, eliminating evasions at Layer 3 IP and Layer 4 Transmission Control Protocol (TCP), shifting exploit evasion resistance from 0% to 100%, with security effectiveness increasing to 96.07%.

The retesting employed the same methodologies and datasets as the original Q4 2025 Enterprise Firewall Comparative Report, which involved seven products under conditions simulating real-world network traffic. Tests were conducted using NSS Labs technology alongside Keysight’s CyPerf tool to assess security, performance, Transport Layer Security (TLS), and stability.

Vikram Phatak, CEO of NSS Labs, said, “The speed at which these vendors addressed and resolved critical issues shows their commitment to their customers’ security.” A blog accompanying the results emphasized the role of transparency and prompt remediation in maintaining firewall effectiveness.

Both vendors provided updates and requested immediate retesting following the initial findings. Fortinet advised those running earlier IPS versions to upgrade promptly, and Palo Alto Networks confirmed that its updated firmware would reach General Availability (GA) within 90 days.