Listen to the in-depth examination of the latest NSS Labs enterprise firewall testing. Hosts Erica Smith and Eric Marquette cover how seven major vendors—Check Point, Cisco, Forcepoint, Fortinet, Juniper, Palo Alto Networks, and Versa—performed against 3,300+ exploits and 11,000+ malware samples. The analysis reveals critical performance differences in encrypted traffic inspection, exploit evasion resistance, and false positive rates.
Check Point, Juniper, and Versa land at 99%+ security effectiveness, while Cisco and Palo Alto Networks struggled significantly with evasion techniques, dropping below 60% and 47% respectively in the Comparative Test published November 5th. Follow-on tests of Fortinet and Palo Alto Networks showed significant improvements, moving both products from “Caution” to “Recommended” ratings.
This discussion emphasizes why real-world testing metrics—particularly evasion resistance and operational overhead—matter more than spec sheet numbers and highlights the shift from cost-focused evaluations to security effectiveness as the primary selection criterion.