Network Firewall Group Test 2011

Corporate networks and data are under attack more than ever, and the threats continue to change as do vendor solutions. Firewalls will continue to play a key role in layered defenses. An essential part of layered security, firewalls must be stable, fast, and easy to deploy and maintain.

In a report that should be a wake-up call to CISOs everywhere, we  uncovered serious flaws in these products, despite the maturity of the  market and their certification by two other major certification bodies.  Over the past 25 years, firewalls have become the foundation of perimeter security and are considered to be commodity products. However, our test results point towards the need for a much higher level of  continuous testing of network firewalls to ensure they are delivering appropriate and reliable security.

Products Tested:

• Check Point Power-1 11065
• Cisco ASA 5585
• Fortinet Fortigate 3950*
• Juniper SRX 5800*
• Palo Alto Networks PA-4020*
• SonicWALL NSA E8500*

For common questions around our Firewall Report, please read the Network Firewall FAQ. Consult the Firewall Issue Remediation brief for further assistance, should you have an affected firewall (currently affected devices include: Cisco ASA, Fortinet Fortigate*, Juniper SRX*, Palo Alto Networks*, and SonicWALL*). Firewall administrators may also wish to consult their firewall vendor support organization. NSS Labs can provide further assistance to clients upon request.

For further discussion, view our webinar: Is Your Firewall Leaking?

If you have a coupon code to redeem for this report, please contact us at advisor@nsslabs.com.

* These vendors have updated their products based on our testing. Further information is found in the Remediation brief.

Network Category
Subscription required