Story image

Fortinet, Juniper take top spots in NSS Labs Data Centre Security Gateway tests

15 Jan 18

NSS Labs’ latest Data Centre Security Gateway group test has included the likes of Fortinet, Palo Alto Networks, Juniper Networks and Cisco solutions as the research firm put security effectiveness and intrusion prevention capabilities to the test.  

According to NSS Labs, the tests evaluated five ‘market leading’ data center gateways (SCSGs) for their security, security effectiveness, performance, and total cost of ownership.

 “NSS Labs is focused on empowering enterprises to make informed decisions based on independent real-world testing results,” comments NSS Labs CEO Vikram Phatak.

According to Fortinet’s senior regional director for Australia, New Zealand and the Pacific Islands, organisations that are shifting to cloud and using more cloud-based applications are driving network speeds above 100 gigabits per second.

“Enterprises are adapting to these changes with more efficient, high-performance data centre architectures and consolidated security solutions such as firewalls and intrusion prevention that can handle the increased traffic,” he explains.

To keep pace with increasing demand, security solutions must be able to secure a mix of different traffic types including IPv4 and IPv6.

NSS Labs tested five different solutions and monitored their performance across both IPv4 and IPV6 traffic types.

The solutions included:

  • Cisco FirePOWER 4150 v6.2.2
  • Fortinet FortiGate 7060E v5.4.5 GA Build 6355
  • Fortinet FortiGate 3000D v5.4.5 GA Build 3273
  • Juniper Networks SRX5400E v15.1X49-D100.6
  •  Palo Alto Networks PA-5250 PAN-OS 8.0.3-h4

A statement from Fortinet says that both of its solutions delivered the highest combination of Security Effectiveness and Value per protected Megabit Per Second (Mbps) in the NSS Labs Security Value Map (SVM).

“Fortinet’s FortiGate NGFWs are designed to deliver the high throughput and security effectiveness required in today’s large scale data centres,” the company says.

While the FortiGate 7060E scored a 97.9% exploit block rate, the FortiGate 3000D scored slightly higher with 98%. Both solutions blocked 100% of evasions.

The FortiGate 7060E’s IPS Protected Throughput through IPv4 reached 131,486 Mbps and its IPv6 reached 114,416 Mbps.

 Fortinet’s FortiGate 3000D’s IPS Protected Throughput through IPv4 reached 30,987 Mbps and its IPv6 reached 30,046 Mbps.

Fortinet says it is committed to testing and validation of its products.

“We applaud Fortinet’s commitment to third-party testing.  Fortinet’s Recommended rating in our 2017 DCSG Group Test makes them a great option for any business looking to strengthen their data centre security architecture,” Phatak concludes.

Gartner names LogRhythm leader in SIEM solutions
Security teams increasingly need end-to-end SIEM solutions with native options for host- and network-level monitoring.
Cylance makes APIs available in endpoint detection offering
Extensive APIs enable security teams to more efficiently view, enrich, and contextualise real-time intelligence collected at the endpoint to keep systems secure.
NBN Co rolls out 'optimised' wholesale business bundles for ISPs
“We recognise some businesses are on nbn powered plans that have not been optimised for their needs," says Paul Tyler.
How Schneider Electric aims to simplify IT management
With IT Expert, Schneider Electric aims to ensure secure, vendor agnostic, wherever-you-go monitoring and visibility of all IoT-enabled physical infrastructure assets.
SolarWinds adds SDN monitoring support to network management portfolio
SolarWinds announced a broad refresh to its network management portfolio, as well as key enhancements to the Orion Platform. 
Preparing for the future of work – growing big ideas from small spaces
We’ve all seen it: our offices are changing from the traditional four walls - to no walls. A need to reduce real estate costs is a key driver, as is enabling a more diverse and agile workforce.
JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.