Home » Computer & Software » Hardware » NSS Labs Releases Results of First Web Application Firewall Group Test
Ihren XING-Kontakten zeigen

NSS Labs Releases Results of First Web Application Firewall Group Test

AUSTIN, TX — (Marketwired) — 09/30/14 — NSS Labs today released its first Web Application Firewall (WAF) Security Value Map (SVM) and Comparative Analysis Report (CAR) series, which evaluated 6 of the leading WAF products on the market for security effectiveness, performance, and total cost of ownership (TCO). Five of the six products tested received the coveted NSS “Recommended” rating and for the first time ever in NSS testing, no vendors received a “Caution” rating. Our enterprise research indicates that adoption continues to increase based on market awareness and the value of the web assets.

Learn More:

NSS–s research yielded several key conclusions:

In this first test, 5 of the 6 products tested scored over 99.76% for security effectiveness and all products successfully protected against evasions. The overall range of scores for security effectiveness was 96.11 – 99.97%. While most of the vendors tested had a high security effectiveness score, enterprises need to understand that it can take only one attack to compromise a Web server, therefore an improvement of 0.20% can make a significant difference in protection.

All vendors missed attacks in this category, which is one of the most prevalent flaws in web applications and allows an attacker to send a malicious script via the web application to unsuspecting users of the website.

In order to capture the relative value of devices in the market, NSS developed a unique metric, TCO per protected connections per second (CPS). The TCO for WAFs tested ranged from $1.93 to $15.85, with 5 of the 6 products under $4.89.

In testing, 5 of the 6 WAF products tested outperformed their vendor-stated capacity (connections per second) and two vendors achieved rates over 200% higher than their stated rates. Vendor capacity ranged from 3% to 323% above their stated rates.

“PCI compliance helped to broaden the potential market for WAF, but is only one use case. With the increased dependence on web services, as well as the notable exploits discovered this year such as Heartbleed and Shellshock, WAF adoption will continue to accelerate as enterprises invest in protecting these mission critical assets,” said Vikram Phatak, CEO of NSS Labs.”

The NSS Labs NGFW Security Value Map, Comparative Analysis Reports, and Product Analysis Reports for each vendor are currently available to NSS Labs– subscribers at .

The products covered in the 2014 WAF Group Test are:

Barracuda Networks Web Application Firewall 960

Citrix NetScaler AppFirewall MPX 11520

Fortinet FortiWeb 1000D

F5 Big-IP ASM 10200

Imperva SecureSphere x6500

Sangfor M5900-F-I

NSS Labs, Inc. is the world–s leading information security research and advisory company. We deliver a unique mix of test-based research and expert analysis to provide our clients with the information they need to make good security decisions. CIOs, CISOs, and information security professionals from many of the largest and most demanding enterprises rely on NSS Labs– insight, every day. For more information, visit .

© 2014 NSS Labs, Inc. All rights reserved. All brand, product and service names are the trademarks, registered trademarks, or service marks of their respective owners.

ReseAnne Sims
Sr. Manager, Public Relations
NSS Labs
Phone: +1 (832) 741-7373

You must be logged in to post a comment Login


Blogverzeichnis - Blog Verzeichnis bloggerei.de Blog Top Liste - by TopBlogs.de Bloggeramt.de blogoscoop