CDSA

NSS Labs Announces Web Application Firewall Group Test Results

NSS Labs Announces Web Application Firewall Group Test Results

NSS Labs has announced the results of its second Web Application Firewall (WAF) Group Test. A growing segment of the security market, WAFs employ a wide range of functions to work in conjunction with perimeter firewalls and intrusion prevention system (IPS) technologies to provide protection specifically for web applications. Of the five market-leading WAF vendors whose products had results published today, four products received a Recommended rating, while one product received a Caution rating.

Websites are exposed to web-based application attacks designed to bypass data center firewalls (DCFWs) and data center intrusion prevention systems (DCIPS). WAF products protect web servers by inspecting HTTP communication for malicious content. Although WAF products can be used as transparent bridges to inspect traffic, many enterprises are utilizing WAFs as reverse proxies that sit between the user and web server, allowing inspection of encrypted traffic. The ability of WAFs to inspect encrypted traffic has become increasingly important, as at least 75% of all web traffic will be encrypted by 2019.

To validate their security effectiveness, WAF products were tested for their ability to successfully identify and protect against targeted exploits, including known vulnerabilities and coding errors. Products were also tested against the Open Web Application Source Project (OWASP) Top Ten, and false positive testing was conducted to determine whether they could support SSL encryption and identify legitimate traffic. Total cost of ownership (TCO) was calculated based on Protected Mbps to provide enterprises with insight into cost and to create a normalized comparison across products.

Key findings include:

  • Overall Security Effectiveness ranged from 92.45% to 98.11%, with four of the five tested products achieving a rating greater than 98%.
  • TCO per Protected CPS ranged from US $0.37 to US $25.01, with most tested products costing less than US$7.00 per Protected CPS.
  • The average Security Effectiveness rating was 96.98%; four devices received an above-average Security Effectiveness rating, and one received a below-average Security Effectiveness rating.
  • The average TCO per Protected CPS was US$8.21; four products were rated as having above-average value, and one was rated as having below-average value.

“In 2016, close to half of the network attacks targeting web applications came in through HTTP traffic and SSL vectors,” said Vikram Phatak, CEO at NSS Labs. “WAF devices are important lines of defense to secure critical web commerce operations and combat these attacks. The WAF Group Test results underscore the need for objective, vendor-neutral insights to help enterprises select the right solutions to strengthen their security posture.”

The five market leaders in the WAF Group Test include:

  • Citrix NetScaler Web Application Firewall (AppFirewall) MPX 5910 v11.1.51.1006
  • F5 BIG-IP 10050S Application Security Manager (ASM) v12.1.1.0.0.184
  • Fortinet FortiWeb-3000E v5.5.5
  • Radware AppWall 1008 v7.3.4
  • Symantec Blue Coat ProxySG v6.6.5.1

As with all NSS Labs Group Tests, there was no fee for participation, and the Test Methodology is available in the public domain to provide transparency and help enterprises understand the factors behind the results. The “no fee for participation” and “public domain” are part of NSS Labs commitment to provide empirical data and objective group test results that enable security organizations to make educated decisions about purchasing and optimizing security infrastructure products and services.

A free download of the Security Value Map™ (SVM) graphic can be found here. For more information, or to purchase NSS Labs Test Reports, click here. To learn more about the WAF Test Methodology and the WAF Group Test results, please click here.

  • linkedin
  • fb
  • twitter
  • google plus
  • email

TOP HEADLINES

  • Dolby Brings Both the Audio and Visual Awe with Technical Wonder ‘Escape’ (No Film School)As a part of Tribeca Film Festival's masterclass s more...

  • AWS Revenue Up 42 Percent to $3.66 Billion in 1Q 2017 (GeekWire)The crown jewel of Amazon’s business, Amazon Web more...

  • Top Six Digital Transformation Trends in Media, Entertainment (Forbes)Cord-Cutting Has Led To New Business Models: It us more...

  • Pai Pleases Broadcasters with Dereg Pledge (Light Reading)Even before he called for the rollback of net neut more...

  • Salesforce Report Finds IT Units Need to Focus on Customer Experience (eWeek)Cloud computing and other technology advances have more...

  • Oracle’s Paul Sonderegger on How CFOs Can Grapple ‘With the Valuation of Intangibles’ (Forbes)As Oracle’s big data strategist, former Forreste more...

  • Study: 69% of U.S. Homes Connect a TV to Internet (MCN)Some 69% of U.S. TV homes now have at least one TV more...

  • Should Your Next Big Hire Be a Chief AI Officer? (CIO)As companies increasingly turn to artificial intel more...

  • Xbox Chief: We Need to Create a Netflix of Video Games (The Guardian)Something big has happened to the video game indus more...

  • Rackspace Launches Professional Services for AWS (Data Center Knowledge)As Amazon Web Services (AWS) continues to dominate more...

  • Facebook Lets Content Owners Claim Ad Earnings of Pirated Videos (TechCrunch)Facebook finally has a better solution to freeboot more...

  • BitTorrent is Shutting Down its Live TV Streaming Service (Variety)San Francisco-based BitTorrent Inc. is set to shut more...


OUR MEMBERS