Web Application Firewall 

Security Value Map
Empirical data from individual Test Reports and Comparative Reports is used to create NSS Labs’ unique Security Value Map™ (SVM). The SVM illustrates the relative value of security investments by mapping Security Effectiveness against Total Cost of Ownership (TCO) per Protected Connections per Second (CPS) for tested product configurations.

Security Value Map Comparative Report
The Security Value Map™ (SVM) Comparative Report provides an aggregated view of the detailed findings from the NSS Labs group tests. Enterprise security decision makers can use the report to determine the relative value of security investments.

Security Comparative Report
Implementation of web application firewall (WAF) products can be complex, with multiple factors affecting overall security effectiveness. The following factors were considered when evaluating the security effectiveness of WAF products: deployment use cases, defensive capabilities (block rate), resistance to evasions, and device stability and reliability. 

Total Cost of Ownership Comparative Report
This report uses the NSS Labs Total Cost of Ownership (TCO) per Protected Connections per Second (CPS) model to calculate TCO for web application firewall (WAF) products. Calculations incorporate capex over a three-year period, including initial acquisition and deployment costs and annual maintenance, support, and update costs (software and hardware updates).

Performance Comparative Report
Implementation of web application firewall (WAF) products can be complex with multiple factors affecting overall performance. This report provides data on factors that should be considered when evaluating the performance of a WAF: applications and web services to be protected, predominant traffic mix, security policies in place

Test Reports
Test Reports provide detailed analysis on each product tested. They help enterprise security teams understand a product’s features as well as its limitations and can be used to shortlist products for further evaluation and proof-of concept testing. Data from these reports is used in the NSS Labs Comparative Reports.

Looking for something else? Ask an analyst.

As with all NSS Labs group tests, there was no fee for participation. All testing was conducted independently and was not paid for by any vendor. In addition, the test methodology applied is in the public domain to provide transparency and to help enterprises understand the results.

·      Citrix NetScaler Web Application Firewall (AppFirewall) MPX 5910 v11.1.51.1006

·      F5 BIG-IP 10050S Application Security Manager (ASM) v12.

·      Fortinet FortiWeb-3000E v5.5.5

·      Radware AppWall 1008 v7.3.4

·      Symantec Blue Coat ProxySG v6.6.5.1