NSS Labs defines web application firewalls (WAFs) as network-based products designed to alter, monitor, and block HTTP, HTTPS, and HTTP/2 conversation from web applications and protect against web-based attacks.

REPORT FOCUS:

Implementation of WAF solutions can be a complex process, with multiple factors affecting the system’s overall performance. This Comparative Report provides data on factors affecting a WAF’s ability to perform, including:

• Capacity and connection rates
• Connection dynamics
• Vendor-claimed vs. NSS-Tested Capacity
• Concurrency and connection rates ?

PRODUCTS EVALUATED:

The following products were evaluated:

• Citrix NetScaler Web Application Firewall (AppFirewall) MPX 5910 v11.1.51.1006
• F5 BIG-IP 10050S Application Security Manager (ASM) v12.1.1.0.0.184
• Fortinet FortiWeb-3000E v5.5.5
• Radware AppWall 1008 v7.3.4
• Symantec Blue Coat ProxySG v6.6.5.1

To learn how each vendor performed, download a copy of each individual Test Report and WAF Comparative Reports on Security, Total Cost of Ownership, and Security Value Map™.
As with all NSS Labs group tests, there was no fee for participation. In addition, the test methodology applied is in the public domain to provide transparency and to help enterprises understand the results.