Log inSign up

Enterprise Firewall (formerly NGFW)

Click to enlarge

The Security Value Map ™ (SVM) provides a high-level analysis of the detailed findings from our tests. The x-axis displays the Price per Protected Mbps in US dollars. The y-axis displays the Protection Rate score as a percentage.

Where a product’s Protection Rate and Price per Protected Mbps scores will determine which section it falls into on the SVM:

  • Recommended: Products in the upper-right section are recommended for securityperformance, and value.
  • Neutral: Products that map into either the upper-left or lower-right sections are less capable than the Recommended category.
  • Caution: Products that map into the lower-left section of the SVM offer poor value for money.
Technology Overview

Seven out of eight products tested received Recommended ratings. One product received a Caution Rating. Multiple exploits for each evasion technique were used to measure each product’s defense. Protection rate scores ranged from 37.01% to 99.87%.

The products were subjected to thorough testing to determine how they handled TLS/SSL 1.2 and 1.3 cipher suites, how they defended against 1,509 exploits, whether protection could be bypassed by any of 1,569 evasions, and if the devices would remain stable under adverse conditions. To provide a more realistic rating based on modern network traffic, both clear text and encrypted traffic were measured.

Keysight provided their CyPerf and BreakingPoint tools to test performance, TLS functionality and stability. TeraPackets provided their Threat Replayer tool for packet replay, and CyberRatings used its own proprietary tools for live exploits and evasions.

In The Reports

Enterprise Firewall reports are provided in two ways: individual test reports for each vendor and a comparative report summarizing ratings and test results for all of the vendors in the test. While the overall Ratings are free to view, the individual test reports and the comparative report require a PAID Membership registration to access.

The detailed reports provide analysis of security effectiveness, performance, SSL/TLS functionality, routing & access control, and stability & reliability.