Next-Generation Firewalls: CEO, Miercom

Similar documents
Evaluating Essential Advanced Security Options for Your Business. Robert Smithers CEO, Miercom

Lab Testing Summary Report

High Performance NGFW Extended

Lab Testing Detailed Report DR January Competitive Testing of Web Security Devices

Networking for Caribbean Development

Why it's time to upgrade to a Next Generation Firewall. Dickens Lee Technical Manager

WatchGuard: Your Security Partner of Choice. Carlos Vieira

Check Point submitted the SWG Secure Web Gateway for

Comparative Performance and Resilience Test Results - UTM Appliances. Miercom tests comparing Sophos SG Series appliances against the competition

Market Guide for Network Sandboxing

Network protection and UTM Buyers Guide

Internal Network Firewall (INFW) Protecting your network from the inside out

Managing Web Security in an Increasingly Challenging Threat Landscape

SSL Performance Problems

White Paper. ZyWALL USG Trade-In Program

Firewall Buyers Guide

Simple security is better security Or: How complexity became the biggest security threat

Next-Generation Firewalls: Critical to SMB Network Security

Firewall and UTM Solutions Guide

Guest Speaker. Michael Sutton Chief Information Security Officer Zscaler, Inc.

The Cisco ASA 5500 as a Superior Firewall Solution

Trust the Innovator to Simplify Cloud Security

How To Get A Fortinet Security System For Free

Data Center security trends

NGFWs will be most effective when working in conjunction with other layers of security controls.

Security Services. 30 years of experience in IT business

Network Security Solution. Arktos Lam

Symantec Advanced Threat Protection: Network

The Hillstone and Trend Micro Joint Solution

CYBEROAM UTM s. Outbound Spam Protection Subscription for Service Providers. Securing You. Our Products.

Symantec Enterprise Firewalls. From the Internet Thomas Jerry Scott

PCI DSS. Get Compliant, Stay Compliant Seminar

FortiGuard Security Services

Next Generation Enterprise Network Security Platform

WatchGuard Technologies WatchGuard Technologies

Fighting Advanced Threats

UTM-Enabled Network Protection

Advantages of Managed Security Services

Copyright 2013 WatchGuard Technologies, Inc. All rights reserved. Introducción a Watchguard DLP Data Loss Prevention

Total Cost of Ownership: Benefits of Comprehensive, Real-Time Gateway Security

Full version is >>> HERE <<<

Choose Your Own - Fighting the Battle Against Zero Day Virus Threats

Unified Threat Management Throughput Performance

Network Security. Protective and Dependable. 52 Network Security. UTM Content Security Gateway CS-2000

2013 Thomas Skybakmoen, Francisco Artes, Bob Walder, Ryan Liles

Cisco Small Business ISA500 Series Integrated Security Appliances

Stop advanced targeted attacks, identify high risk users and control Insider Threats

Game changing Technology für Ihre Kunden. Thomas Bürgis System Engineering Manager CEE

The Dirty Secret Behind the UTM: What Security Vendors Don t Want You to Know

White Paper. How to Effectively Provide Safe and Productive Web. Environment for Today's Businesses

Next Generation Firewalls and Sandboxing

What to Look for When Evaluating Next-Generation Firewalls

Intelligent Cybersecurity for the Real World. Cisco Cybersecurity Pocket Guide

Next Generation Firewall Capabilities Assessment

2015 Miercom Next Generation Firewall Solution Testing: Performance, Compliance and Advantages

How to choose the right NGFW for your organization: Independent 3 rd Party Testing

REVOLUTIONIZING ADVANCED THREAT PROTECTION

Global Network Security Market

Security 2014 and Beyond: An Evolving Threat Environment in a Mobile, Cloud, and Virtual World

Competitive Testing of the Cisco ISA500 Security Appliance

The Cyber Threat Landscape

Stallioni Sügisseminar

NEXT GENERATION FIREWALL COMPARATIVE ANALYSIS

Cisco Cloud Security Interoperability with Microsoft Office 365

Cybercrime: evoluzione del malware e degli attacchi. Cesare Radaelli Regional Sales Manager, Italy cradaelli@paloaltonetworks.com

Dell SonicWALL Portfolio

SonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity

The Next Level of Secure Channel Partnership

Integrated Approach to Network Security. Lee Klarich Senior Vice President, Product Management March 2013

Modular Network Security. Tyler Carter, McAfee Network Security

WHITE PAPER. Protecting Your Network From the Inside-Out. Internal Segmentation Firewall (ISFW)

What s Next for Network Security - Visibility is king! Gøran Tømte March 2013

What s Next for the Next Generation Firewall Vendor Palo Alto Networks Overview. October 2010 Matias Cuba - Regional Sales Manager Northern Europe

FEATURE OVERVIEW. FGX Series firewall. Last updated February 2012

VIGILANCE INTERCEPTION PROTECTION

Is the Security Industry Ready for SSL Decryption?

A Modern Framework for Network Security in the Federal Government

2012 North American Enterprise Firewalls Market Penetration Leadership Award

Naujos kartos ugniasienės Next Generation Firewalls (NGFW) Mindaugas Kubilius, Fortinet sprendimų inžinierius

On and off premises technologies Which is best for you?

Cisco ASA 5500 Series Business Edition

BUSINESS OPPORTUNITY 4 CONNECTED UTM FOR SMALL OFFICES 6 SECURE COMMUNICATIONS FOR SMALL OFFICES 10 COMPETITIVE COMPARISONS 15

How Traditional Firewalls Fail Today s Networks And Why Next-Generation Firewalls Will Prevail

THE WEBPULSE COLLABORATIVE DEFENSE

Next Gen Firewall and UTM Buyers Guide

Types of cyber-attacks. And how to prevent them

Cisco IronPort & Web Security

WHITE PAPER. Protecting Your Network From the Inside-Out. Internal Segmentation Firewall (ISFW)

isheriff CLOUD SECURITY

NEXT GENERATION FIREWALL COMPARATIVE ANALYSIS

Move over, TMG! Replacing TMG with Sophos UTM

2013 Thomas Skybakmoen, Francisco Artes, Bob Walder, Ryan Liles

Secure Cloud-Ready Data Centers Juniper Networks

Firewalls: The Next Generation. Rick Coloccia Network Manager

Lab Testing Detailed Report DR Competitive Testing of the Websense TRITON Web Security Gateway Anywhere v7.7.3

Dell SonicWALL Next Generation Firewall(Gen6) and Integrated Solution. Colin Wu / 吳 炳 東 Colin_Wu1@dell.com

For IT Infrastructure, Mobile and Cloud Computing - Why and how

INCREASINGLY, ORGANIZATIONS ARE ASKING WHAT CAN T GO TO THE CLOUD, RATHER THAN WHAT CAN. Albin Penič Technical Team Leader Eastern Europe

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

Transcription:

Next-Generation Firewalls: Results from the Lab Robert Smithers Robert Smithers CEO, Miercom

Agenda Participating i Vendors and Products How We Did It Categories of Products Tested About the Technology Secure Web Gateway Next-Generation Firewall Unified Threat Management Sandbox Spam Filtering

Agenda Three High Risk Event Results CryptoLocker Outbound Botnet Worm and Trojans Industry Average Comparisons Layer 3 Firewall Throughput Malicious Files Legacy Malicious URLs: Blended Malicious Threats Malicious Files Wild

Agenda Industry Average Comparisons Malicious URLs Wild: Malc0de Layer 7 Firewall Throughput Max Layer 7 Firewall Throughput Mixed Application Control

Participating Vendors and Products Blue Coat ProxySG 300-5 Check Point 4210 NGFW Check Point SWG-12600 Cisco ASA 5545-X with CX Module Cisco ISA550W Cyberoam CR100iNG Dell SonicWALL NSA 2600

Participating Vendors and Products Dell SonicWALL TZ 105 (Cloud) Dell SonicWALL TZ 105 (Appliance) FireEye Malware Protection System 1310 Fortinet FortiGate 20-C Fortinet FortiGate 100-D Fortinet FortiGate 800-C Juniper SRX650 Services Gateway

Participating Vendors and Products Palo Alto PA-3020 Sophos SG 210 Sophos SG 230 Sophos UTM 220 WatchGuard XTM 525 Websense Web Security Gateway

How We Did It Test equipment included: Ixia XG12 and BreakingPoint FireStorm Spirent Studio Security Apposite Linktropy 7500 PRO WildPackets OmniPeek for Windows Windows 7 and Windows XP Clients/Endpoints Monitoring Tools

Categories of Products Tested Secure Web Gateway Next-Generation Firewall Unified Threat Management Sandbox Spam Filtering

Secure Web Gateway (SWG) Edge security platform against Web-borne threats that can invade enterprise network via Internet browsing; enforces organization s policies for Internet usage and regulatory compliance Essential functionality: URL filtering, malicious code detection/filtering and application control Products with real-time, cloud-based content analysis tend to outperform those that look up URLs and/or threat signatures in static database

Secure Web Gateway (SWG) Class of product for organizations of all sizes: SMB and Enterprise Essential functionality: URL filtering, malicious code detection/filtering ti i and application control SMB: protects against basic threats, easy to implement/manage Enterprise: protection extended to advanced and targeted threats, requires more skill and resources to implement/manage O i li t l ith ft On-premises appliance most popular with software, virtual, cloud (SWG as a Service) and on-premises / cloud hybrid versions also available

Next-Generation Firewall (NGFW) Evolutionary type of network edge security device Possesses combination of functionality of basic firewall and enhancements Traffic inspection enables detection and blocking of malicious activity Application awareness enables identification of attacks directed at network as well as enforcement of organization s Internet usage and regulatory compliance policies

Next-Generation Firewall (NGFW) Available for organizations of all sizes Can be deployed as appliance, virtual appliance or software-based solution Inline bump in the wire deployment: enabling functionality does result in reduced network performance Next-generation firewall arguably has caused basic firewall to go the way of video cassette recorders and VHS tapes, into obsolescence

Unified Threat Management (UTM) Just as Next-Generation Firewall, an evolutionary class of network edge security platform Combination of firewall and VPN of basic firewall plus Intrusion Prevention System also found in Next- Generation Firewall, URL filtering and antivirus also found in Secure Web Gateway, and anti-spam and mail antivirus also found in Spam Filtering products Primarily aimed at small and mid-sized businesses

Unified Threat Management (UTM) Available as appliance, virtual appliance, software and cloud-based Network administrator must find balance between security and network performance e Individual packets examined by each security function enabled, adding to latency/detracting from throughput

Sandbox Security technique for protecting enterprise network from malware by running applications and visiting Websites in a controlled environment FireEye leads market with competitors including AhnLab, Blue Coat, Check Point, Damballa, McAfee, Palo Alto Networks and Sourcefire (acquired by Cisco in October 2013) Sandbox appliance or cloud-based service is part of a multi-layeredlayered security system

Sandbox Botnets, zero-day attacks and corporate espionage among factors that fueled advent of sandbox; virtualization has facilitated utilization of sandbox Small percentage of malware has written-in capability to try to defeat sandbox Check environment to determine if it is in a sandbox Seek to be allowed to pass by attempting to time out the sandbox, stalling by performing meaningless calculations

Spam Filtering Class of network security device that safeguard against unwanted inbound and outbound Email: spam Inbound: protect networked computers against dangerous forms of spam such as phishing attempts and Emails those containing viruses Outbound: protect against networked computers from being compromised and used as a zombie in a botnet to generate spam

Spam Filtering Spam is no small problem: estimated 50-60% of enterprise Email Key functionality: protect against inbound, targeted phishing attacks Functionality growing in importance: ability to re-evaluate evaluate URL link(s) in Email at the time of end user click Available as appliance, software, managed service Based on Gartner 2013 Magic Quadrant: Product leaders are Cisco, Proofpoint, Symantec, Microsoft and McAfee

Three High Risk Event Results Specific High Risk Events CryptoLocker Outbound Botnet Worm/Trojan

Ransomware trojan CryptoLocker Encrypts specific types of files using RSA public-key cryptography Message displays an offer to decrypt the g p y yp data if payment is made

Outbound Botnet Botnet t is a network of compromised computers under control of a third party whose purpose is to invade the network Remains inactive until they get orders from their command and control hosts Designed to steal the most valuable information on a network Outbound botnet t defense protects t corporate data from leaving the network

Worms Computer worms are a type of malware that t replicates functional copies of themselves to cause damage to data or software Host program or human help is not needed for them to propagate Worm enters a computer through a system vulnerability and uses a file- or information-transport feature to allow it to travel independently

Trojans A Trojan is another type of malware that t appears as legitimate software Users are tricked into loading and executing it Trojans can achieve a variety of attacks on the host from distractions (pop-up p p windows) to major damage (deleting files, activating and spreading other malware) on the host Can also create back doors to give malevolent users access to the system

Industry Average Comparisons Layer 3 Firewall Throughput Malicious Files Legacy Malicious URLs: Blended Malicious Threats Malicious Files Wild Malicious Files Wild: Malc0de Layer 7 Firewall Throughput Max Layer 7 Firewall Throughput Mixed Application Control

Industry Average Comparisons HTTP Proxy Throughput Firewall + IPS Throughput Application Control / URL Filtering

Industry Average Comparisons 3000 Layer 3 Firewall Throughput Throughput ( Mbps) 2500 2000 1500 2029 2678 Industry Average 2,057.3 Mbps 1884 1886 Lay yer 3 Firewall 1000 500 1322 0 CR100iNG SonicWALL FortiGate UTM 220 XTM 525 NSA 2600 100-D Source: Miercom, UTM and NGFW Industry Assessment 2014

Industry Average Comparisons 100.0 Malicious Files Legacy Malicious Files Blocked (%) 80.0 60.0 40.0 20.0 81.8 Industry Average 39.3 Mbps 74.2 0.0 1.1 SWG-12600 Malware Protection Web Security System 1310 Gateway Source: Miercom, UTM and NGFW Industry Assessment 2014

Industry Average Comparisons Malicious URLs: Blended Malicious Threats 100.0 Malicious URLs Block ked (%) 80.0 60.0 40.0 20.0 0.0 16.7 37.6 32.1 Industry Average 25.1 Mbps 6.3 4.8 4.8 71.4 4210 NGFW ASA 5545-X with CX Module Malware Protection System 1310 FortiGate 800-C SRX650 Services Gateway PA-3020 Web Security Gateway Source: Miercom, UTM and NGFW Industry Assessment 2014

Industry Average Comparisons Ma alicious Files Blocked (%) 100.0 80.0 60.00 40.0 20.0 83.8 Malicious Files Wild 93.0 90.3 47.5 50.0 Industry Average 73.5 Mbps 34.0 4.2 82.0 62.0 9.5 30.3 97.5 0.0 Source: Miercom, UTM and NGFW Industry Assessment 2014

Industry Average Comparisons Malicious URLs Wild: Malc0de Malicious URLs Blocke ed (%) 100.0 80.0 60.0 40.0 20.0 47.5 83.8 82.0 4.2 Industry Average 41.6 Mbps 9.5 30.3 97.5 00 0.0 4210 NGFW ASA 5545-X with CX Module Malware Protection System 1310 FortiGate 800-C SRX650 Services Gateway PA-3020 Web Security Gateway Source: Miercom, UTM and NGFW Industry Assessment 2014

Industry Average Comparisons 3500 Layer 7 Firewall Throughput Max La ayer 7 Firewall l Throughput (Mbps) 3000 2500 2000 1500 1000 500 2260 Industry Average 2,158 Mbps 2310 1400 1078 3240 3225 1590 0 FortiGate UTM 220 SG 210 SG 230 CR100iNG SonicWALL XTM525 NSA2600 100-D Source: Miercom, UTM and NGFW Industry Assessment 2014

Industry Average Comparisons 3500 Layer 7 Firewall Throughput Mixed l Throughput (Mbps) La ayer 7 Firewal 3000 2500 2000 1500 1000 500 Industry Average 2170 1,987 Mbps 2145 1072 1020 3100 3280 1120 0 CR100iNG SonicWALL FortiGate UTM 220 SG 210 SG 230 XTM 525 NSA 2600 100-D Source: Miercom, UTM and NGFW Industry Assessment 2014

Industry Average Comparisons Application Control 3500 App plication Cont trol Throughp put (Mbps) 3000 2500 2000 1500 1000 500 0 2090 132 3300 2650 Industry Average 1,345 Mbps 1130 403 442 CR100iNG SonicWALL NSA 2600 FortiGate 100-D UTM 220 SG 210 SG 230 XTM 525 Source: Miercom, UTM and NGFW Industry Assessment 2014

hput (Mbps) Firewa all and AV (Pr roxy) Throug Industry Average Comparisons 800 700 600 500 400 300 200 100 0 163 HTTP Proxy Throughput Industry Average 380 Mbps N/A 237 212 585 704 N/A CR100iNG SonicWALL NSA 2600 FortiGate 100-D UTM 220 SG 210 SG 230 XTM 525 Source: Miercom, UTM and NGFW Industry Assessment 2014

Industry Average Comparisons 700 Firewall + IPS Throughput Fi irewall and IP PS Throughpu ut (Mbps) 600 500 400 300 200 100 Industry Average 330 Mbps 163 132 420 190 504 658 475 0 FortiGate UTM 220 SG 210 SG 230 XTM 525 CR100iNG SonicWALL 100-D NSA 2600 Source: Miercom, UTM and NGFW Industry Assessment 2014

Industry Average Comparisons Application Control / URL Filtering % Pro otocol/app Co ombinations Blocked 100.0 90.0 80.0 70.0 60.0 50.0 40.0 30.0 20.0 10.0 0.0 56.9 97.1 Industry Average 73.33 % 65.9 ProxySG SWG-12600 Web Security 300-5 Gateway Source: Miercom, UTM and NGFW Industry Assessment 2014

For more information, contact reviews@miercom.com Request our detailed report on UTM and NGFW appliances.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information