Jun 27, 2024   SOURCE: PR NewsWire

CyberRatings.org Announces Enterprise Firewall Test Results

Multiple exploits for each evasion technique were used to measure each product's defense.
Protection rate scores ranged from 37.01% to 99.87%.

AUSTIN, Texas, June 27, 2024 /PRNewswire/ -- CyberRatings.org (CyberRatings), the non-profit entity dedicated to providing confidence in cybersecurity products and services through its research and testing programs, has completed an independent test of eight market leading enterprise firewall vendors. Seven products were Recommended, and one received a Caution rating.

Enterprise firewalls are used to protect a trusted network from an untrusted network while allowing authorized communications to pass from one side to the other, thus facilitating secure business use of the Internet. Protection rate tests verified how effectively the firewall protected control network access, applications, and users while preventing threats (exploits and evasions), blocking malicious traffic under extended load, and remaining resistant to false positives.

Key Findings:

    --  When an exploit is blocked by a firewall, applying an evasion technique
        to that exploit is often easier for an attacker than finding a new
        exploit that isn't blocked by that firewall.
    --  Threat actors apply evasion techniques to disguise and modify attacks to
        avoid detection by security products. Missing a type of evasion means a
        hacker can use an entire class of exploits to circumvent the security
        product. CyberRatings used multiple exploits for each evasion technique
        to see how each product defended against these combinations.
    --  Vendors have made progress towards "Secure by Default." For the products
        and versions CyberRatings tested, if a vendor's pre-defined high
        security configuration is selected, then firewall evasion defenses will
        be on by default. For other security configurations evasion defenses may
        not be enabled by default.
    --  Encryption matters: Roughly 80% of web traffic is encrypted. The top
        four cipher suites account for over 95% of HTTPS traffic. It should be
        noted that decryption is not on by default. Firewalls will not see
        attacks delivered via HTTPS unless configured to do so.
    --  Variants from well-known exploits are not always covered by vendors. At
        times, CyberRatings found multiple signatures/rules for the same Common
        Vulnerabilities and Exposures (CVE), with some offering more protection
        than others. Vendors may attempt to provide rapid coverage for high
        profile vulnerabilities by creating multiple exploit-specific
        signatures. If vendors don't follow up with more comprehensive defenses,
        this approach can lead to gaps in protection.

To our knowledge, this was the most comprehensive evasion test performed to date. We have accelerated our research into evasion techniques as attackers increasingly bypass defenses," said Vikram Phatak, CEO of CyberRatings.org. "An attacker can bypass protection if a firewall fails to detect a single form of evasion."

The following products were tested and rated:



     Enterprise Firewall                                   Rating      Protection Rated Throughput Price per Protected
                                                                         Rate       (Mbps)           Mbps



     Check Point Quantum Force 19200 plus R81.20           Recommended    98.41 %           12,281               $11.28



     Cisco Firepower 2130 Threat Defense v7.3.1 (build 19) Caution        37.01 %            1,040               $77.34



     Forcepoint 3410 NGFW version 7.1.1 build 29059        Recommended    96.89 %           14,961                $7.93



     Fortinet FortiGate-900G v7.4.4 GA                     Recommended    98.21 %           14,096                $3.25



     Juniper Networks SRX4600 JUNOS 22.4X3.1 srx4600       Recommended    99.54 %            7,772               $13.74



     Palo Alto Networks PA-450 v11.1.1                     Recommended    96.36 %            1,026                $6.52



     Sangfor NGAF 5300 AF 8.0.85.1029 Build 20240423       Recommended    97.48 %            5,719                $1.57



     Versa Networks CSG5000 versa-flexvnf-22.1.4-B         Recommended    99.87 %           15,811                $2.15

Keysight provided their CyPerf and BreakingPoint tools to test performance, TLS functionality and stability. TeraPackets provided their Threat Replayer tool for packet replay, and CyberRatings used its own proprietary tools for live exploits and evasions.

The Enterprise Firewall Test Reports, Comparative and Security Value Map(TM) are available at cyberratings.org.

Additional Resources:

Enterprise Firewall Configuration Guide
Enterprise Firewall Methodology v2.2
Why Firewalls Should be Secure by Default

About CyberRatings.org?

CyberRatings.org is a 501(c)6 non-profit organization dedicated to providing confidence in cybersecurity products and services through our research and testing programs. We provide enterprises with independent, objective ratings of security product efficacy to make informed decisions. To become a member,?visit?www.cyberratings.org and follow us on LinkedIn.

View original content to download multimedia:https://www.prnewswire.com/news-releases/cyberratingsorg-announces-enterprise-firewall-test-results-302184011.html

SOURCE CyberRatings.org