Data provides insight into the capabilities of product suites across the cybersecurity market.
AUSTIN, Texas – August 7, 2019 – NSS Labs, Inc., a global leader and trusted source for independent, third-party cybersecurity product testing, today announced the release of its Analysis of Breach Prevention Systems (BPS). Breach Prevention Systems are solution suites, involving endpoint, network, sandbox, cloud, and other integrated protections. Vendors have been claiming for years that if enterprises purchase their entire suite, they will see better results. Enterprises asked NSS Labs if this was true as many perform technology proofs-of-concept (PoCs), but few have the resources to test a multilayer defense with so many integrated protections.
NSS Labs’ Analysis of Breach Prevention Systems is the outcome of testing Next Generation Firewalls (NGFWs), Next Generation Intrusion Prevention Systems (NGIPS), Breach Detection Systems (BDS), and Advanced Endpoint Protection (AEP) products over the past year. All tests permitted the use of cloud capabilities such as reputation systems, sandboxing, emulation, machine learning, etc.
In the course of NSS Labs research and testing, we found:
· Some vendors are having more success developing integrated/coordinated technical solutions than others. Enterprises relying on marketing material have had varying experiences—not all vendors are as truthful as others. It is important to validate claims.
· Many organizations purchase endpoint, network, cloud, and forensic security technologies at different points in time. This process can hinder selection and deployment of coordinated security solutions.
· Despite the number of vendors in the cybersecurity space, few provide credible protection from multiple attack vectors across all defensive layers.
· Evasions are still a challenge for all vendors; however, agile development processes seem to be enabling rapid remediation when evasions are identified.
· Vendor claims to protect vulnerabilities (regardless of the exploit specifics) are largely dependent on the nature of the vulnerability and whether it lends itself to such protection. Test results found all products had room for improvement when confronted with unknown variants of known exploits.
“This is the first time that NSS Labs has published a comparison of technology suites,” said Jason Brvenik, Chief Executive Officer at NSS Labs. “Attackers are compromising organizations seemingly at will. Protection solutions need to improve, and as we see in this analysis, several vendors are stepping up,” added Brvenik.
Each product may fall into one of four categories based on its rating in the SVM: Recommended, Security Recommended, Neutral, or Caution. The following were rated as Recommended based on comparative scores for overall Security Effectiveness and TCO per Protected Mbps:
· Check Point Software Technologies 15600 Next Generation Threat Prevention Appliance R80.20 + Endpoint Security E80.82
· Check Point Software Technologies 6500 Security Gateway R80.20 & Check Point SandBlast Agent Next Generation AV E80.82.1
· Fortinet FortiGate 500E v6.0.3 + FortiClient v22.214.171.12419 + 3 + FortiSandbox v3.0.2 (AWS BYOL)
· Fortinet FortiGate 500E v6.0.4 build 0231 & Fortinet FortiClient v6.0.3
· Fortinet FortiGate 500E v5.6.4GA build 7892 & Fortinet FortiClient v6.0.3
· Fortinet FortiGate 3000D v5.6.4GA build 7892 & Fortinet FortiClient v6.0.3
· Palo Alto Networks PA-5220 PAN-OS 8.1.2 + Traps v126.96.36.1992
· Palo Alto Networks PA-5220 PAN-OS 8.1.6-h2 & Palo Alto Networks Traps 188.8.131.5213
· Palo Alto Networks PA-5220 PAN-OS 8.1.2 & Palo Alto Networks Traps 184.108.40.20613
· Sophos XG 750 Firewall SFOS v17.5 & Sophos Intercept X Advanced v2.0.10
· Trend Micro TippingPoint 8200TX Appliance v220.127.116.11751 + Deep Discovery Analyzer v18.104.22.168 + OfficeScan v12.0.5024
· Trend Micro TippingPoint 8400TX v22.214.171.12465 & Trend Micro Smart Protection for Endpoints v12.0.5024
NSS Labs is committed to providing empirical data and objective group test results that help organizations make educated decisions about purchasing and optimizing security products and services. We believe if a product is good enough to sell, it is good enough to test. If you do not see a product you are interested in, ask them where their results are and encourage participation. As with all NSS Labs group tests, there is no fee for participation.