NGIPS: Market Trends and Group Test Results

On October 11th, we released the results of our Breach Detection System 5.0 Group Test. All three of the vendors that participated in this test achieved the coveted NSS Labs Recommended rating: Lastline, Fortinet, and Trend Micro.

The test provides enterprises with valuable insights into the security effectiveness, performance, and total cost of ownership (TCO) of the tested products.

•Time-to-Detect: The time it takes for attempted or successful breaches to be detected can influence an attack’s overall impact. The more time an adversary has to operate after breaching a network, the greater the possible damage. For a BDS product, rapid detection and analysis of both successful and attempted breaches is critical in halting the damage caused by breaches.

•Evasions: Providing results for a product’s detection capabilities without fully factoring in evasions can be highly misleading in terms of understanding security efficacy; therefore, the security effectiveness score includes evasion techniques. In this test, products were tested against 374 evasions.

•Resiliency: The resiliency of BDS products was measured by introducing a vulnerability along with its triggers and then asking the products to detect it. By testing resilience, NSS Labs shows enterprises which BDS products detect different variations of an exploit. One product demonstrated full resilience against tested attack variants.

Attend our BDS 5.0 Group Test webinar on Tuesday, November 6 at 1:00 p.m. CST to find out how each product scored! Our BDS experts will be available during the webinar to address questions about the test and the products tested.

On September 20th, we released the results of our Next Generation Intrusion Prevention System 4.0 Group Test. The test included products from six of the industry’s leading NGIPS vendors: Forcepoint, Fortinet, IBM, Juniper Networks, Palo Alto Networks, and Trend Micro. This fourth iteration of our NGIPS group test measured:

•Security effectiveness – A security product that fails to protect what’s important to you can lead to catastrophic consequences for your organization. Understanding a product’s capability to provide protection against exploits including evasion techniques will help you evaluate which NGIPS product is the best fit for your organization.

•Performance – Thanks to the rapid adoption of social media, streaming video, teleconferencing, and other bandwidth-intensive technologies, network behavior is changing rapidly. Which NGIPS products have adapted, and what should you consider when you are designing your next-generation network?

•Total cost of ownership (TCO) – Your expenses don’t end when you purchase a product. Installation costs (people), software maintenance, and ongoing policy and log maintenance are some of the expenses you should plan for. Which products have the lowest TCO over a multi-year period?

The software-defined wide area network (SD-WAN) has gained wide adoption in the past few years. In a recent NSS Labs survey, 82.2% of the survey respondents indicated that their organization has already adopted SD-WAN technology. These products provide robust control, and optimization which makes them a compelling alternative to traditional WAN products.

In this groundbreaking inaugural test, nine of the industry’s leading SD-WAN products were examined to help enterprises understand the merits of products in the market and identify the capabilities best suited to meet their use case requirements.

Firewall technology is one of the largest and most mature security markets, and the next generation firewall (NGFW) is a prime example of how cybersecurity controls continue to evolve in the face of a constantly changing attack surface. These network security products combine firewall capabilities with intrusion prevention system (IPS) functionality, application control, user awareness, and the capability to integrate threat intelligence feeds.

NSS Labs recently announced the results of our Next Generation Firewall (NGFW) 8.0 Group Test. In this year’s test, products from 10 of the industry’s leading NGFW vendors were examined for security effectiveness, performance, and total cost of ownership (TCO). In this eighth iteration of the NGFW test, evasion testing was expanded to include resiliency against modified exploits, and the test also included secure sockets layer (SSL)/transport layer security (TLS) testing.

Tune into this webinar to learn how SonicWall performed in NSS Labs' NGFW 8.0 Group Test.

Enterprises are projected to spend an estimated $96 billion on security products and services in 2018. But will they have the empirical data to know if those investments actually reduce their exposure to threats? In our discussions with chief information security officers (CISOs), within the financial services industry, this lack of information is a recurring topic of concern.

Supporting this need for ongoing measurement, governments and regulators have produced a number of frameworks that apply to the financial services industry, including NIST, FFIEC, and GDPR (if conducting business in the European Union). All of these frameworks contain mandates for measuring and monitoring security controls. If you have not yet done so, now is the time to think about the resources you will need to implement a successful continuous monitoring program.

Anil Nandigam, Senior Director of Product Marketing with NSS Labs, will conduct a live demonstration of the Continuous Security Validation Platform. This cloud-based customizable platform provides real-time empirical data regarding the effectiveness of enterprise security controls and also reveals the operating systems and applications most often targeted by today’s active threats.

In this webcast, you will learn how NSS Labs’ Continuous Security Validation can help your organization:
•Gain visibility into the efficacy of security controls
•Improve internal processes and responses
•Justify existing security investments or budget requests for new solutions
•Demonstrate preparedness to management
•Advance compliance with industry frameworks

Firewall technology is one of the largest and most mature security markets, and the next generation firewall (NGFW) is a prime example of how cybersecurity controls continue to evolve in the face of a constantly changing attack surface. These network security products combine firewall capabilities with intrusion prevention system (IPS) functionality, application control, user awareness, and the capability to integrate threat intelligence feeds.

NSS Labs recently announced the results of our Next Generation Firewall (NGFW) 8.0 Group Test. In this year’s test, products from 10 of the industry’s leading NGFW vendors were examined for security effectiveness, performance, and total cost of ownership (TCO). In this eighth iteration of the NGFW test, evasion testing was expanded to include resiliency against modified exploits, and the test also included secure sockets layer (SSL)/transport layer security (TLS) testing.

Despite extensive investment, achieving an effective cybersecurity strategy remains an elusive pursuit. Enterprises spent an estimated US$90 billion on cybersecurity products in 2017, and yet most remain uncertain about their level of protection.

Anil Nandigam, Senior Director of Product Marketing, will use real-world customer examples to show how NSS Labs’ Continuous Security Validation provides visibility into the efficacy of security controls and delivers empirical data that can be used to rationalize new or existing security investments.

Watch this informative webcast to learn more about how your organization can start taking a data-driven approach to cybersecurity.

Whether we are talking about the traditional desktop, laptop, or mobile device, the endpoint is always the target of cybercriminal activity. Advanced endpoint protection (AEP) is a disruptive new technology that focuses on preventing cybercriminals from ever reaching or executing on the endpoint. AEP products employ sophisticated techniques such as machine learning, pattern recognition, or predictive algorithms to detect and block malware and to contain suspicious activities.

NSS Labs recently announced the results of the highly anticipated Advanced Endpoint Protection (AEP) 2.0 Group Test. This year’s test included 20 of the industry’s leading AEP vendors to measure how well each of their products could detect, prevent, and log threats accurately, while remaining resistant to false positives. In addition to security effectiveness, each product was scored according to its total cost of ownership so that enterprises can understand each AEP product's overall value.

Tune into this webinar to learn how Palo Alto Networks performed in NSS Labs' AEP 2.0 Group Test*.

*Registration information will be shared with both presenting parties (NSS Labs and Palo Alto Networks)

Whether we are talking about the traditional desktop, laptop, or mobile device, the endpoint is always the target of cybercriminal activity. Advanced endpoint protection (AEP) is a disruptive new technology that focuses on preventing cybercriminals from ever reaching or executing on the endpoint. AEP products employ sophisticated techniques such as machine learning, pattern recognition, or predictive algorithms to detect and block malware and to contain suspicious activities.

NSS Labs recently announced the results of the highly anticipated Advanced Endpoint Protection (AEP) 2.0 Group Test. This year’s test included 20 of the industry’s leading AEP vendors to measure how well each of their products could detect, prevent, and log threats accurately, while remaining resistant to false positives. In addition to security effectiveness, each product was scored according to its total cost of ownership so that enterprises can understand each AEP product's overall value.

Tune into this webinar to learn how Trend Micro performed in NSS Labs' AEP 2.0 Group Test.

NSS Labs recently announced the results of the highly anticipated Advanced Endpoint Protection (AEP) 2.0 Group Test. This year’s test included 20 of the industry’s leading AEP vendors to measure how well each of their products could detect, prevent, and log threats accurately, while remaining resistant to false positives. In addition to security effectiveness, each product was scored according to its total cost of ownership so that enterprises can understand each AEP product's overall value.

Tune into this webinar to learn how SentinelOne performed in NSS Labs' AEP 2.0 Group Test.

Thursday May 24, 2018 @ 10:00 a.m. CST | 4:00 p.m. CET

Whether we are talking about the traditional desktop, laptop, or mobile device, the endpoint is always the target of cybercriminal activity. Advanced endpoint protection (AEP) is a disruptive new technology that focuses on preventing cybercriminals from ever reaching or executing on the endpoint. AEP products employ sophisticated techniques such as machine learning, pattern recognition, or predictive algorithms to detect and block malware and to contain suspicious activities.

NSS Labs recently announced the results of the highly anticipated Advanced Endpoint Protection (AEP) 2.0 Group Test. This year’s test included 20 of the industry’s leading AEP vendors to measure how well each of their products could detect, prevent, and log threats accurately, while remaining resistant to false positives. In addition to security effectiveness, each product was scored according to its total cost of ownership so that enterprises can understand which AEP products offer the best overall value.

Attend this webinar to learn how each AEP product scored in this year’s group test!

The great contradiction in cybersecurity today is that the more enterprises spend on security and risk controls, the less sure they are about their performance.

Despite extensive effort and investment, achieving an effective cybersecurity strategy remains an elusive pursuit. Enterprises spent an estimated US$90 billion on cybersecurity products in 2017, and yet a recent NSS Labs survey of CISOs in North America reveals that 52% of enterprises see no “value-add” from their currently deployed security products. Security teams are under more pressure than ever to justify budget allocation for security controls, but most of the time, measuring security effectiveness is a guessing game.

Anil Nandigam, Senior Director of Product Marketing with NSS Labs, will conduct a live demonstration of the Continuous Security Validation Platform. This cloud-based customizable platform provides real-time empirical data regarding the effectiveness of enterprise security controls and also reveals the operating systems and applications most often targeted by today’s active threats. Anil will also discuss how an international bank and a top-five management consulting firm are using this platform to make data-driven cybersecurity decisions.  
Register for this informative webcast to learn more about how your organization can work toward eliminating the fear, uncertainty, and doubt associated with cybersecurity.

The great contradiction in cybersecurity today is that the more enterprises spend on security and risk controls, the less sure they are about their performance.

In this webinar, Anil Nandigam from NSS Labs will conduct a live demonstration of the Continuous Security Validation Platform. Anil will show how organizations can obtain real-time metrics about the effectiveness of their security controls and the unmitigated risks to their systems. He will also present real-world enterprise use cases.


Anil Nandigam is Senior Director of Product Marketing at NSS Labs. Anil has more than 17 years of experience driving products and go-to-market strategy in the computer networking and security industry. Prior to joining NSS Labs, Anil held various senior roles in product management and product marketing positions at FireEye, Cisco, and start-up companies. Anil is a frequent guest speaker at various security conferences such as CERT and has been a contributing member of several SANS Institute webinars and publications. Anil has a Master’s Degree in Computer Science (MS) from the University of Houston and a Masters in Business Administration (MBA) from Santa Clara University.

Data center intrusion prevention systems (DCIPS) and data center security gateways (DCSGs) help enterprises protect their end users as well as the intellectual property and mission-critical applications that reside in their data centers. NSS Labs’ 2018 DCIPS and 2017 DCSG group tests include data center network security solutions from Cisco, Fortinet, Juniper Networks, McAfee, Palo Alto Networks, and Trend Micro and measure how effective they are at protecting against today’s exploits and evasions. In addition, performance is measured and total cost of ownership over a three-year-period calculated. Check out this webinar to find out which of these data center network security solutions offer the best protection and overall value.

Breach detection systems (BDS) and breach prevention systems (BPS) are capable of providing enhanced protection against advanced malware, zero-day attacks, and targeted attacks. NSS Labs’ 2017 BDS and BPS Group Tests measured the effectiveness of these solutions in real-world threat scenarios that included exploits, malware, offline infections, and evasions. Breach detection and breach prevention solutions from Check Point, Cisco, FireEye, Fortinet, Juniper Networks, Lastline, Palo Alto Networks, and Trend Micro are included in one or both of our breach security group tests. Sign up for our webinar to learn more about these test and to see which products received the coveted NSS Labs Recommended rating.

Next generation intrusion prevention systems (NGIPS) have been widely implemented by US enterprises to catch sophisticated attacks such as zero-day and advanced malware. In our most comprehensive test to date, nine NGIPS products were tested from eight vendors: Check Point, Cisco, Forcepoint, Fortinet, IBM McAfee, Palo Alto Networks, and Trend Micro. Only four of the nine products tested properly detected and blocked attacks when evasion techniques were applied. Tune in to our webinar to learn how these products scored in terms of security effectiveness and performance.

The threat landscape is constantly evolving—even as enterprises add new security controls, attackers are finding new ways to penetrate their defenses. Security products that blocked threats yesterday (or even a few hours ago) could today be bypassed by new threats, thereby putting organizations and their critical assets at risk. Now, more than ever, you need a way to continuously validate the security controls you have in place.

The Next Generation Firewall (NGFW) market is one of the largest and most mature security markets. You might expect that the seventh iteration of an NSS Labs NGFW Group Test would prove that leading vendors were catching all attack traffic. However, the test results tell a different story. Most vendors missed evasions which contributed to four products receiving a Caution rating. This webinar will step through the test methodology and group test results. Make sure to watch and find out how your NGFW did.

Web application firewalls (WAFs) are designed to filter, monitor, and block HTTP conversation from web applications and protect against HTTP, or web-based, attacks.