Lab Testing Summary Report



Similar documents
Check Point submitted the SWG Secure Web Gateway for

Lab Testing Detailed Report DR January Competitive Testing of Web Security Devices

WildPackets engaged Miercom to conduct comprehensive,

Lab Testing Summary Report

Lab Testing Summary Report

Lab Testing Summary Report

Lab Testing Summary Report

Router Throughput Tests

Next-Generation Firewalls: CEO, Miercom

Cisco engaged Miercom to conduct an independent verification of

Comparative Performance and Resilience Test Results - UTM Appliances. Miercom tests comparing Sophos SG Series appliances against the competition

NEC s UC for Enterprise (UCE) in conjunction with the

Sonus Networks engaged Miercom to evaluate the call handling

Cloud Based Secure Web Gateway

Unified Threat Management Throughput Performance

Product Summary Report

Secure Web Gateways Buyer s Guide >

Blue Coat WebFilter >

Cconducted at the Cisco facility and Miercom lab. Specific areas examined

Networking for Caribbean Development

INTRODUCING isheriff CLOUD SECURITY

The Cisco ASA 5500 as a Superior Firewall Solution

IBM Security Network Protection

Next-Generation Firewalls: Critical to SMB Network Security

Application Visibility and Monitoring >

Symantec Advanced Threat Protection: Network

Lab Testing Summary Report

Firewall Testing Methodology W H I T E P A P E R

4 Delivers over 20,000 SSL connections per second (cps), which

The Benefits of SSL Content Inspection ABSTRACT

VESZPROG ANTI-MALWARE TEST BATTERY

Replacing Microsoft Forefront Threat Management Gateway with F5 BIG-IP. Dennis de Leest Sr. Systems Engineer Netherlands

Citrix NetScaler VPX 9.2 for Microsoft Hyper-V Detailed Lab Report

Security Testing Summary of Next-Generation Enterprise VoIP Solution: Unify Inc. OpenScape SBC V8

Websense Web Security Solutions. Websense Web Security Gateway Websense Web Security Websense Web Filter Websense Hosted Web Security

Comprehensive real-time protection against Advanced Threats and data theft

Websense Web Security Solutions. Websense Web Security Gateway Websense Web Security Websense Web Filter Websense Express Websense Hosted Web Security

Content-ID. Content-ID URLS THREATS DATA

Controlling SSL Decryption. Overview. SSL Variability. Tech Note

Stallioni Sügisseminar

White Paper. What the ideal cloud-based web security service should provide. the tools and services to look for

Network Agent Quick Start

C(UTM) security appliances the Check Point VPN-1 Pro, the

Application Control and URL Filtering

February Considerations When Choosing a Secure Web Gateway

Lab Testing Summary Report

WildFire. Preparing for Modern Network Attacks

How To Protect Your Network From Attack From A Virus And Attack From Your Network (D-Link)

Cisco Advanced Services for Network Security

Extending Threat Protection and Control to Mobile Workers with Cloud-Based Security Services > White Paper

Cisco ASA 5500 Series Business Edition

Websense Web Security Solutions

Cyan Networks Secure Web vs. Websense Security Gateway Battle card

Key Findings. Websense Triton Security Gateway Anywhere

Introducing IBM s Advanced Threat Protection Platform

White Paper. ZyWALL USG Trade-In Program

Intelligent, Scalable Web Security

TRITON AP-WEB COMPREHENSIVE REAL-TIME PROTECTION AGAINST ADVANCED THREATS & DATA THEFT

Managing Web Security in an Increasingly Challenging Threat Landscape

Securing Endpoints without a Security Expert

What to Look for When Evaluating Next-Generation Firewalls

Protecting Your Network Against Risky SSL Traffic ABSTRACT

V1.4. Spambrella Continuity SaaS. August 2

Symantec Protection Suite Add-On for Hosted and Web Security

Lab Testing Detailed Report DR100412D. Detailed Competitive Testing of the Websense Web Security Gateway 7.5

Comprehensive Anti-Spam Service

Protect your internal users on the Internet with Secure Web Gateway. Richard Bible EMEA Security Solution Architect

Types of cyber-attacks. And how to prevent them

INSTANT MESSAGING SECURITY

Content-ID. Content-ID enables customers to apply policies to inspect and control content traversing the network.

Enterprise Buyer Guide

Winning with Check Point Secure Web Gateway. Sales Training. August [Restricted] ONLY for designated groups and individuals

NetDefend Firewall UTM Services

Best Practices for Controlling Skype within the Enterprise > White Paper

WEB PROTECTION. Features SECURITY OF INFORMATION TECHNOLOGIES

Internet Explorer Exploit Protection ENTERPRISE BRIEFING REPORT

Executive Brief on Enterprise Next-Generation Firewalls

White Paper. How to Effectively Provide Safe and Productive Web. Environment for Today's Businesses

Web Security Gateway Solutions

WHAT S NEW IN WEBSENSE TRITON RELEASE 7.8

Putting Web Threat Protection and Content Filtering in the Cloud

Still Using Proxies for URL Filtering? There s a Better Way

INFORMATION PROTECTED

Competitive Testing of the Cisco ISA500 Security Appliance

NetDefend Firewall UTM Services

Cascadia Labs URL Filtering and Web Security

Analyzing HTTP/HTTPS Traffic Logs

EXTENDING THREAT PROTECTION AND CONTROL TO MOBILE WORKERS

Cascadia Labs URL Filtering and Web Security

Symantec RuleSpace Data Sheet

Security Administration R77

Powerful, customizable protection for web applications and websites running ModSecurity on Apache/Linux based web-servers

Quick Start for Network Agent. 5-Step Quick Start. What is Network Agent?

Superior protection from Internet threats and control over unsafe web usage

Threat Containment for Facebook

Websense: Worldwide Leader in Web Filtering Expands into Web Security

11 THINGS YOUR FIREWALL SHOULD DO. a publication of 2012 INVENIO IT A SMALL BUSINESS WHITEPAPER

isheriff CLOUD SECURITY

74% 96 Action Items. Compliance

McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software

Transcription:

Lab Testing Summary Report February 14 Report 132B Product Category: Web Security Gateway Vendor Tested: Key findings and conclusions: security appliance exhibits best rate to date, 91.3%, for classifying the one million most popular websites into known undesirable categories URL classification and detection rates in Adult (97.1%) and Gambling (93.4%) categories are highest validated so far in ongoing testing Highest blocking rates using current, in-the-wild and legacy malware sets, 9.3% and 81.8%, respectively Blocking rates of greater than 9% in application control testing with URL filtering disabled and enabled Granularity of application control allows security policies for website access to be set for individual users, groups of users or all users C heck Point submitted the Secure Web Gateway for evaluation in ongoing standardized testing for Web control, the Miercom Web Security Industry Assessment 14. Hands-on testing assessed the capability of the in crucial areas of functionality for a Secure Web Gateway: classification of URLs into malicious and potentially malicious categories, URL filtering, malware blocking and application control. The 12 is a datacenter-grade security appliance, the high-end model of three in the 1 Series. In addition to two onboard 1GE copper ports, three available expansion slots can be used to configure a variety of network options, such as 1GE copper, 1GE fiber and 1GE fiber connections. The default configuration includes eight 1GE copper ports and a four-port 1GE Product Tested: Secure Web Gateway Figure 1: Classification of One Million Most Popular URLs Successful URL Classification % 91.3 82.6 The classification rate of the one million most popular URLs into undesirable categories by the, 91.3%, is the best performance to date in ongoing Web control testing. The performance of the also exceeded the by 8.7%.

Figure 2: URL Filtering, Adult URL Blocking % 97.1 92.2 The URL filtering performance of the against Adult URLs, 97.1%, exceeded the Industry Average by 4.9%. copper expansion card. Fully loaded, the 12 has a total of 26x1GE ports or 12x1GE ports. Four different security configurations are possible for the 12 depending on the software modules utilized. In addition to Secure Web Gateway, it can be configured as Next-Generation Firewall, Next-Generation Data Protection or Next- Generation Threat Protection. The can be deployed in-line, as a monitor/tap, or as a proxy in a data center to provide real-time, multi-layered protection against Figure 3: URL Filtering, Gambling URL Blocking % 93.4 85.4 The URL filtering performance of the against Gambling URLs, 93.4%, exceeded the by 8%. Web-borne malware. Key specifications include being able to handle 22, HTTP transactions per second and supporting up to 1, users. The tested had the latest cyber-security software release, R77.1, which works on the GAiA secure operating system. URL Coverage and Classification Test The objective was to determine how many of the one million most popular URLs the SGW-12 could correctly classify into pre-defined or known malicious and potentially malicious categories. The malware blocking functionality of the was disabled. The performance of the, a blocking rate of 91.3%, was the best to date in ongoing testing. A comparison of the performance of the and the is shown in Figure 1 on page 1. URL Filtering Thousands of URLs were in each category as a result of the initial test, classification of the one million most popular URLs. The URL filtering capability of the was challenged by a separate test using the URLs in each category. Default security policies as well as the policies needed to filter for each category were enabled. Secure Web Gateway appliances receive real-time URL updates from cloud-based categorization that blocks millions of malware and phishing websites. This functionality enabled the to exceed the in the Adult, Gambling and Phishing categories. Figures 2 and 3 show a comparison of the URL filtering performance of the against the Adult and Gambling URLs and the. The exceeded the for Adult URLs by 4.9% and for Gambling URLs by 8.%. Also, the performance of the exceeded the for Phishing URLs by 14.1%, achieving a blocking rate of 77.9%. The Industry Average is 63.8%. Malware Detection The also was tested using two sets of malware samples: a current, in-the-wild set of Copyright 14 Miercom Page 2

Figure 4: Blocking, Current, in-the-wild Malware Percentage Blocked (%) 9.3 68.4 The recorded the highest blocking rate to date in the Miercom Web Security Industry Assessment, 9.3%, using a current, in-thewild set of nearly 4, malware samples from open and private sources. 3,95 samples and a legacy set of,713 samples. Samples in both sets were obtained from open and private sources and were collected via direct download. The priority in assembling the sample sets was to maximize the number of current, lethal viruses included. Samples were not collected via download from Internet-based email because Internet-based email is usually encrypted with HTTPS by a third-party server. If a security appliance does not possess the server certificate, it cannot examine the payload. Initially, baseline testing was conducted using each malware sample set. All security functionality on the was disabled. No samples in each set were blocked. For actual testing, antivirus functionality was enabled to block malware. The made the best performances observed to date, a blocking rate of 9.3% against the current, in-the-wild set and 81.8% against the legacy set. A comparison of the blocking rate of the SWG- 12 and the for the current, in-the-wild set is shown in Figure 4. The comparison for the legacy set is shown in Figure 5. Application Control Testing assessed the ability of the to block applications and the traffic created by them. Web 2. applications are increasingly used to enable the dynamic relationships businesses use to stay competitive. However, overwhelmingly popular applications such as Facebook, IM and YouTube can create havoc for the enterprise network. They consume valuable bandwidth, may detract from employee productivity and expose the enterprise network to malware, increasing the probability of compromising the network and even causing the loss of valuable company data. To mitigate the risks and maximize the value for end-user organizations of Web 2. applications, it is necessary for a secure Web gateway to identify, monitor, report on and implement controls over them. The had the latest Application Control library, which consists of more than 5,7 applications and more than 3, social networking widgets. Figure 5: Blocking, Legacy Malware Percentage Blocked (%) 81.8 58.2 The blocking performance of the against legacy malware exceeded the by just over 28%. Copyright 14 Miercom Page 3

Figure 6: Application and URL Filtering Policy Configuration The has a comprehensive, intuitive interface for creating policies and rules. Multiple rule sets can be mixed and matched to provide security control for different ports and networks The high level of granularity available in the interface can cover just about any network security deployment. This view of the SmartDashboard shows utilization of R77.1 firmware. The Application Control library enhances network security and employee productivity by creating granular security policies for users and groups of users. The policies identify, block or limit usage of Web applications and Web widgets, such as those used in instant messaging, social networking, video streaming and online games. Figure 6 shows the Application and URL Filtering Policy Interface of the, which offers a myriad of combinations to network administrators. The interface is comprehensive yet easy to use. A high degree of granularity can be built into a security policy. Using Facebook as an example, 23 portions of the application can be enabled or disabled. As shown in Figure 7 on page 5, a policy can be set in the that allows access to parts of Facebook that are beneficial to conducting business while preventing access from others that sap employee productivity, such as the chat area. Two application control tests were run, one with URL filtering disabled and the other with URL filtering enabled. The was the clear winner in both, registering a blocking rate that was more than 3% greater than the nearest competitor. With URL filtering disabled, the achieved a blocking rate of 91.6%. With URL filtering enabled, the blocking rate was 97.1% as shown in Figure 8 on page 5. The sample size for both tests was more than 3, unique protocol/application combinations. Throughput, CPU Protection Tests Additional tests evaluated the performance capabilities of the while web control testing was in progress. An RFC 2544 throughput test was conducted while URL filtering was in progress against Gambling URLs. The maintained 1GE (port line rate) with zero frame loss. Also, a simulated DoS flood attack was launched in an attempt to overburden the resources of the Copyright 14 Miercom Page 4

Figure 7: Blocking Options for Facebook The check mark indicates that users are blocked from using Facebook-chat. Each of the 23 portions of Facebook has a risk rating, which is visible along with a description in the right pane.. No anomalies were observed. The continued to block Gambling URLs. Bottom Line Comprehensive, hands-on testing of the Check Point Secure Web Gateway was conducted as part of ongoing standardized testing of Web control, the Miercom Web Security Industry Assessment 14. The had strong results in areas that are crucial for a Secure Web Gateway: classification of URLs into malicious and potentially malicious categories, URL filtering, malware blocking and application control. The has a large, ever-growing Application Control library of applications and web widgets available. The library and the high level of granularity that can be built into security policies enable the to provide excellent protection from new, emerging threats. The exhibited the performance required for both a data center and a perimeter deployment to safeguard the enterprise network from Web-borne threats while providing end users with a positive Web experience. Figure 8: Blocking Rate, URL Filtering Disabled/Enabled % of Applications Blocked 91.6 URL Filtering Disabled 97.1 URL Filtering Enabled With URL filtering enabled, the blocking rate of the improved by over 5%. Copyright 14 Miercom Page 5

Test Bed Equipment IP Load Generators Device Under Test Spirent Application Simulator Generator Ixia XM12 BreakingPoint FireStorm Secure Web Gateway Spirent Studio Performance Spirent Studio Security Source: Miercom Web Security Industry Assessment 14 How We Did It The Secure Web Gateway, running firmware version R77.1, was evaluated using a Miercom client, Spirent Studio Performance application traffic simulator, BreakingPoint FireStorm and Ixia XM12. The s in this report are the result of validated, ongoing testing of comparable security products from Blue Coat,, Cisco, FireEye, McAfee, Palo Alto Networks, Symantec, Websense and other leading vendors. URL Coverage Classification Accuracy The URL of each of the one million most popular websites, based on worldwide traffic rating, was obtained in January 14. The cache of the was adjusted to allow processing of the URLs in runs of,. URL Filtering by Specific Category For each category of potentially malicious and malicious URLs, a database was created in Excel. Malware Blocking/Current, in-the-wild and Legacy Samples The was deployed in Normal Mode, the default setting. It was connected to a Dell S switch linked to a Linux server, a Dell PowerEdge 195, that hosted the current, in-the-wild and legacy malware sample sets. Apache JMeter client residing on the Test Client, a Dell Latitude 643u laptop, requested each malware sample housed on the Dell PowerEdge 195 server. Malware samples were obtained from open source listings as well as private, proprietary sources. Open sources included Maliciousbytes, EPP.com, virustotal.com, virussign.com, cramit.com and contagiodump.blogspot.com. Application Control Spirent Studio Performance software running on a Miercom server managed a Spirent Studio Security application simulator, which generated application traffic on the test network. A Layer 2 switch forwarded traffic to the secure Web gateways for a block/pass decision. Traffic that was allowed to pass was routed back to the Mu- via another Layer 2 switch. Throughput and CPU Protection Tests The Ixia XM12 was used to generate traffic in the RFC 2544 throughput test. The BreakingPoint FireStorm was used to generate the DoS attack against the. The tests in this report are intended to be reproducible for users who want to recreate them, with the appropriate test and measurement equipment. Those interested in repeating these tests are advised to contact Miercom at reviews@miercom.com for more details on the configurations applied in this testing. A Miercom professional services sales representative can provide assistance. Copyright 14 Miercom Page 6

Miercom Performance Verified The performance of the in areas that are crucial for a Secure Web Gateway was verified by Miercom in a hands-on testing evaluation. The proved to be superior in identifying and classifying URLs into known categories, utilizing URL filtering, blocking malware and enforcing application control policies. With a large and continually updated Application Control library and a high level of granularity built into security policies, the proved its strengths in safeguarding the enterprise network. Miercom is proud to award the the Performance Verified Certification. Software Technologies Ltd. 5 Ha Solelim Street Tel Aviv 67897, Israel U.S.: 1--429-4391 Int l: +972-3-753-4555 www.checkpoint.com About Miercom s Product Testing Services Miercom has hundreds of product-comparison analyses published over the years in leading network trade periodicals including Network World, Business Communications Review, NoJitter, Communications News, xchange Magazine, Internet Telephony and other leading publications. Miercom s reputation as the leading, independent product test center is unquestioned. Miercom s private test services include competitive product analyses, as well as individual product evaluations. Miercom features comprehensive certification and test programs including: Certified Interoperable, Certified Reliable, Certified Secure and Certified Green. Products may also be evaluated under the NetWORKS As Advertised program, the industry s most thorough and trusted assessment for product usability and performance. Report 132B reviews@miercom.com www.miercom.com Before printing, please consider electronic distribution Product names or services mentioned in this report are registered trademarks of their respective owners. Miercom makes every effort to ensure that information contained within our reports is accurate and complete, but is not liable for any errors, inaccuracies or omissions. Miercom is not liable for damages arising out of or related to the information contained within this report. Consult with professional services such as Miercom Consulting for specific customer needs analysis. Copyright 14 Miercom Page 7

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information