NSS Labs evaluation report: the next-generation firewall must be the protagonist of the future

I'm used to hearing about all kinds of Magic Quadrants and analysis reports from Gartner and IDC. Today, let's talk about a more specialized evaluation and analysis report for the security field. This time, the protagonist is the next-generation firewall (NGFW).

Recently, NSS Labs, a world-renowned information security evaluation agency, released its latest next-generation firewall evaluation report. The good news is that the two Chinese vendors taking part in the NGFW category test for the first time, Shanshike and Huawei, both received NSS Labs' Recommended rating.

Bear in mind that their competitors are world-renowned network security vendors such as Cisco, Juniper, Palo Alto, Check Point, Dell SonicWALL and Fortinet, and it is not easy to break through among these information security giants. I didn't expect it, but their results were good, and they caught up with and surpassed foreign vendors on many indicators.

(Figure 1) NSS Labs 2016 next-generation firewall Security Value Map (SVM)

At the RSA 2016 conference, currently in full swing, both Shanshike and Huawei accepted NSS Labs' next-generation firewall Recommended rating award.

Hard indicators hit hard

A total of 13 products from 12 vendors took part in the NSS Labs next-generation firewall evaluation (Cisco provided 2 products), as detailed below.

Before interpreting the main evaluation results, let's briefly introduce NSS Labs itself and its evaluation methods.

NSS Labs, headquartered in the United States, is the world's most famous independent security research and evaluation organization. CEOs, chief information officers and chief security officers of many large enterprises trust NSS Labs' evaluation reports, and it provides in-depth insights for many industry-leading vendors. It is also trusted by more than 280 enterprise organizations, including Johnson & Johnson, KPMG and Visa.

In addition to NGFW, NSS Labs analyses and evaluates various other security categories, including web application firewalls, endpoint protection and NGIPS (next-generation intrusion detection). NSS Labs' technical approach to testing NGFWs has been widely recognized by firewall vendors at home and abroad.

This time, the scope of the next-generation firewall report covers security effectiveness, performance, stability and reliability, and, importantly, total cost of ownership (TCO).

First, let's focus on the first part, the y-axis in Figure 1 above: security effectiveness, which is the hard technical indicator of a product.

According to the introduction, NSS Labs' attack protection test includes 1999 real attack techniques. The tests are carried out over various transmission modes, payloads and protocols of different sizes, covering threats large and small. The strict requirements and high accuracy of the test allow in-depth detection of threats and make it possible to identify subtle threats that are extremely difficult to detect. For example, NSS Labs continuously tests product stability and reliability with irregular traffic to see how products perform under extreme conditions.

As the figure below shows, Check Point and Fortinet tied for first place in overall threat detection rate with 99.6%, followed by Shanshike with 99.0%, and then Huawei and Dell SonicWALL with 98.1%. Shanshi's result can be described as amazing. Bear in mind that many internationally renowned vendors, including Juniper and Palo Alto, rank behind it.

(Figure 2) NSS Labs next-generation firewall comparison test table

Of course, seeing such high detection rates from Shanshi and Huawei, some insiders suspect that their IPS and AV signature libraries are not their own. This question can be looked at the other way round, with thinking that keeps pace with the times. In the current network security situation and industry environment, vendors across the security ecosystem, including some security appliance vendors, share threat intelligence, competing with one another while seeking win-win cooperation. As for the signature library, a vendor should on the one hand bring in professional signature libraries, and on the other hand integrate them with its own signature research and development capability and with its security analysis engine and scanning engine. In fact, the NSS Labs detection rate tests not only the signature library but also the detection engine. The NSS Labs tests include many anti-evasion tests, which have to be solved by the engine.

Moreover, it is understood that Shanshi's entire application security analysis and detection engine is developed in-house, and that its attack signature library combines two approaches: third-party cooperation and in-house development.

Having covered the two domestic vendors, I'll go back to the report and speak bluntly. What is puzzling is that Palo Alto, the originator of the next-generation firewall, ranked third from the bottom with 95.9%. The author specifically looked up the last time Palo Alto took part in the NSS Labs next-generation firewall evaluation, and it was also at the bottom of the ranking then. I really don't understand how it has maintained a growth rate that leads its peers. Can it keep being this willful?

Then there is Cyberoam, which is the most puzzling of all: a score of 58.1% is far too unusual.

Cisco's and Juniper's results on this item are in line with expectations, while Barracuda's and WatchGuard's are unsatisfactory.

Are domestic vendors only cheap?

Of course, besides the hard indicators, there is another important factor for buyers: TCO (total cost of ownership). Here we can see two striking figures at the far right of the x-axis of the SVM, Shanshi and Huawei. The report shows that on TCO per Protected Mbps, that is, the total cost of ownership per Mbps of protected traffic, Shanshi is the best, followed by Huawei.

The products are technically solid and yet sell so cheaply that domestic vendors seem simply unreasonable. In fact, this cannot be understood simply as a low price. The SVM x-axis is calculated as: TCO per protected Mbps = TCO / (performance × detection rate). So it represents the best cost-performance, not the best TCO.

The capex cost included in this TCO covers the initial acquisition cost and the annual maintenance and update costs (software and hardware updates), which involve an important factor: maintenance time. The NSS expert team evaluates the ease of use of the product and calculates the maintenance workload it requires. NSS believes that ease of use cannot be measured against a fixed standard but has to be judged by comparison with competitors, that is, by comparing a product's ease of use with that of similar products.

From the ease of use, we can infer the maintenance cost of the product over its life cycle (usually 3 years). The time an experienced engineer needs to spend maintaining the product over 1 and 3 years is converted, using the average maintenance cost, into the product's average annual maintenance cost. In other words, the harder a product is to use, the more time the user has to spend on maintenance, and the higher the maintenance cost.
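The x-axis calculation described above, as an added example that is not part of the original article or NSS Labs' own method. It is a simplified model: the three devices, their prices, maintenance hours and the hourly engineer rate are constructed values, and it shows why the device with the lowest TCO is not necessarily the one with the best TCO per protected Mbps.

```python
from dataclasses import dataclass

YEARS = 3            # product life cycle used in the article
HOURLY_RATE = 75.0   # assumed engineer cost per hour (constructed value)

@dataclass
class Device:
    name: str
    purchase: float              # initial acquisition cost
    annual_maintenance: float    # yearly maintenance and update fees
    admin_hours_per_year: float  # engineer time; grows as ease of use drops
    throughput_mbps: float       # tested performance
    detection_rate: float        # fraction of attacks blocked, 0..1

def tco(d: Device, years: int = YEARS, rate: float = HOURLY_RATE) -> float:
    """Acquisition cost plus maintenance fees and engineer labour over the life cycle."""
    yearly = d.annual_maintenance + d.admin_hours_per_year * rate
    return d.purchase + years * yearly

def tco_per_protected_mbps(d: Device) -> float:
    """TCO / (performance x detection rate), the SVM x-axis value."""
    if not 0.0 < d.detection_rate <= 1.0 or d.throughput_mbps <= 0:
        raise ValueError(f"{d.name}: invalid throughput or detection rate")
    return tco(d) / (d.throughput_mbps * d.detection_rate)

def rank(devices):
    """Best cost-performance first (lowest cost per protected Mbps)."""
    return sorted(devices, key=tco_per_protected_mbps)

# Constructed sample devices, not taken from the NSS Labs report.
DEVICES = [
    Device("budget",   20_000,  4_000, 80,  1_000, 0.60),
    Device("midrange", 60_000, 10_000, 40,  5_000, 0.99),
    Device("premium", 200_000, 30_000, 40, 10_000, 0.98),
]

if __name__ == "__main__":
    for d in rank(DEVICES):
        print(f"{d.name:9s} TCO={tco(d):>9,.0f}  "
              f"per protected Mbps={tco_per_protected_mbps(d):6.2f}")
```
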

So "best cost-performance" is the most appropriate reading. In fact, the two Chinese vendors do not have the lowest prices, and certainly not the highest. There is no doubt that Juniper's total cost of ownership per Mbps of protected traffic sits at the far left of the SVM x-axis, almost twice that of the Cisco ASA 5585-X SSP-60 in second place. One can almost conclude that its price is the most arrogant.

In conclusion, in this evaluation Shanshi's performance is the best. Coupled with its results on the hard technical indicators, Shanshi is commendable and impressive.

In fact, there is also a next-generation firewall product from another domestic security vendor that has won an NSS Labs Recommended rating: NGAF. However, that vendor took part in the NSS Labs web application firewall (WAF) evaluation in 2014, so I don't understand whether the product is an NGFW or a WAF.

To get to the point: since Shanshike's performance is so excellent, does it mean that the Shanshi NGFW is ahead of the international level? We certainly need to ask them what they think. The answer given by Shanshi is yes.

Shanshike once again emphasized two key test results:

The first is the threat detection rate: it achieved a static test detection rate of 99.6% and a real-time dynamic test detection rate of 98.32%. The comprehensive threat detection rate reached 99.9%, ranking third among the NGFWs taking part in the evaluation and surpassing many internationally well-known vendors, including Juniper and Palo Alto.

The second is the total cost of ownership per Mbps of protected traffic. This index ranked first among all the evaluated devices, demonstrating the best customer value of the Shanshi NGFW. These two indicators put Shanshi in the dominant position in the top right corner of the SVM.

That's all it said. Shanshi is really plain-spoken: given such a good opportunity, it couldn't manage even a couple of words of boasting. I'm kidding. Doing real work is the most important thing. Congratulations again to Shanshike and, of course, Huawei.

