CDSA

NSS Labs Shares Intrusion Prevention Test Results

Cybersecurity research and testing firm NSS Labs has announced the results of its Next Generation Intrusion Prevention Systems (NGIPS) group test, examining the security effectiveness, performance, and ownership costs of eight top NGIPS vendors.

Products from Check Point, Cisco, Forcepoint, Fortinet, IBM, McAfee/Intel, Palo Alto Networks and Trend Micro were tested, with NSS Labs giving two of the products a “caution” rating, while two others received a “neutral” rating. The other four earned a “recommended” rating. Overall, security effectiveness ranged from as low as 25% to nearly 100%.

NSS Labs did not release the details of which products scored which ratings, instead offering product-specific reports via its web site.

“Next Generation Intrusion Prevention Systems are designed to protect against a new generation of threats that move faster and are more evasive than ever before,” said Thomas Skybakmoen, research director for NSS Labs. “Exploit block rates, consistency of protection over time, and false positive rates are critical metrics for enterprises to consider when purchasing an NGIPS.”

Using its NGIPS Test Methodology 2.0, NSS tested the eight products from June-September 2016, with live drive-by attacks between Aug. 28 and Sept. 26, using NSS Labs’ Cyber Advanced Warning System (CAWS). In all, nearly 2,000 exploits were deployed by NSS Labs, with 120 evasion techniques utilized during the test. Nearly 2.6 million suspicious URLs turned up 2,400-plus drive-by exploits that were being used by threat actors in active campaigns at the time of testing, the company said.

NSS Labs found that more expensive products didn’t always do better, and that the total cost of ownership per protected Mbps was between $8 and $27. One of the products became susceptible to attacks under heavy traffic loads, while three were rated below their stated throughput.

The tested products included:

  • Check Point Software Technologies, 13800 Next Generation Firewall Appliance vR77.20
  • Cisco FirePOWER 8350 v6.0.1
  • Forcepoint Stonesoft Next Generation Firewall 3301 v6.0.2
  • Fortinet FortiGate 3000D v5.4.0
  • IBM Security Network Protection XGS 7100 v5.3.2.1
  • Intel Security McAfee Network Security Platform NS9100 v8.2.5.158
  • Palo Alto Networks PA-7050 v7.0.4