AUSTIN, Texas – June 7, 2022 – CyberRatings.org, the non-profit entity dedicated to providing transparency on cybersecurity product efficacy, has published its Security Service Edge (SSE) rating for Zscaler. CyberRatings conducted an independent test of Zscaler’s Firewall as a Service (FWaaS) with Zscaler earning a ‘AAA’ rating overall. Management, Routing and Policy Enforcement, Zero Trust Network Access (ZTNA), SSL/TLS Functionality and Performance were tested.
SSE technology is new to the market with security vendors continuing to introduce their technology offerings in the space. First introduced by Gartner in a late 2019 blog post as Secure Access Service Edge (SASE) technologies include SD-WAN, SWG, CASB, ZTNA and FWaaS as core abilities. Gartner then introduced Security Service Edge (SSE) in 2021 as a subset of SASE which excluded the SD-WAN.
“This SSE test is the first of its kind. The complexity of testing new technologies in a cloud service meant we couldn’t just use the same test tools and procedures. Everything needed to be reimagined,” said Vikram Phatak, CEO of CyberRatings.org. “We collaborated with Keysight’s network and cloud product teams over many months to develop tools that could address this challenge,” added Phatak.
Keysight developed CyPerf in order to test cloud performance (including the performance of TLS / SSL encrypted traffic) cipher suite support, policy enforcement and stability / reliability.
“The distributed nature of hybrid/cloud networks calls for a new way of testing,” said Ram Periakaruppan vice president and general manager, Keysight’s Network Test and Security Solutions. “Keysight developed its industry-first cloud-native CyPerf test solution to help users validate services like SSE, software-defined wide area network (SD-WAN), and cloud network firewall. We are excited to partner with CyberRatings in testing the SSE technology.”
CyberRatings has a three-phase plan for testing SSE products, with FWaaS and ZTNA as the first phase. Phase two will include testing detection / prevention of exploits, malware, and evasions. The third phase will address data protection, exfiltration and compliance.