AUSTIN, Texas – December 21, 2017 – NSS Labs, Inc., a global leader and trusted source for independent, fact-based cybersecurity guidance, today announced its Data Center Security Gateway (DCSG) Group Test results. Growing reliance on the Internet and IT infrastructures has placed significant demands on corporate data centers. The rise in cyber threats has led enterprises to seek new defenses and ways to enhance existing defenses to protect not only their end users, but also the intellectual property and mission-critical applications residing in their data centers. Industry analysts estimate that the data center security market will reach $13.38 billion by 2020, with a CAGR of 14.70%.1

Enterprises host servers and applications in the data center to deliver business services such as audio and video streaming, retail and B2B e-commerce, business applications, and the routing infrastructure that runs the Internet. While perimeter devices are expected to protect end users and a wide range of end user applications, enterprises must also protect the intellectual property and mission-critical applications that reside in their data centers.

Data center security gateways (DCSGs) converge data center firewall (DCFW) and data center intrusion prevention system (DCIPS) technologies and play a vital role in today’s security infrastructure. A DCSG must be able to perform access control and deep packet inspection in order to protect server applications from remote attacks. Unlike its NGFW cousin, which protects users from the Internet, the DCSG protects data center servers and the applications that run on them (i.e., web servers, mail servers, DNS servers, application servers, etc.) from potential threats.

The 2017 Data Center Security Gateway Group Test results provide insight into DCSG products, including their security effectiveness, performance, stability and reliability, and total cost of ownership (TCO).

Key findings from the test:

  • Five products achieved a Recommended rating for IPv4; four products achieved a Recommended rating for IPv6; one product received a Security Recommended rating for IPv6.
  • Security Effectiveness of verified products ranged between 79.7% and 98.3%.
  • The average Security Effectiveness rating was 73.3%; five products received a Security Effectiveness rating above this average.
  • TCO per Protected Mbps for verified products ranged between US$3 and US$10, with most tested products costing less than US$7 per protected Mbps.
  • The average TCO per Protected Mbps (Value) was US$8; five products demonstrated value above the average.

“Enterprises are increasingly evaluating the implications of replacing existing data center firewalls and data center intrusion prevention systems in their data centers,” said Jason Brvenik, Chief Technology Officer at NSS Labs. “The 2017 Data Center Security Gateway Group Test results help enterprises understand the true cost of their investments and the capabilities necessary to address their specific use case requirements.”

The following products were tested:

  • Cisco FirePOWER 4150 v6.2.2
  • Fortinet FortiGate 3000D v5.4.5 GA Build 3273
  • Fortinet FortiGate 7060E v5.4.5 GA Build 6355
  • Juniper Networks SRX5400E v15.1X49-D100.6
  • Palo Alto Networks PA-5250 PAN-OS 8.0.3-h4
  • Unverified Products: Check Point and Huawei

1Mordor Intelligence Study, Data Center Security Market – Industry Analysis, Geography, Trends, Forecast – (2017 – 2022)

NSS Labs is committed to providing empirical data and objective group test results that enable organizations to make educated decisions about purchasing and optimizing security infrastructure products and services. As with all NSS Labs group tests, there is no fee for participation, and the test methodology is available in the public domain to provide transparency and to help enterprises understand the factors behind test results.