NSS Labs just released a new set of reports covering Web Application Firewalls. Those reports can be found at NSS labs website HERE. There is a cost for these reports however it is worth the investment if you are looking to purchase a new firewall. Also, Palo Alto tested poorly and due to the back and forth between both companies, NSS labs is offering the Palo Alto report for free.
For those that are not familiar with NSS Labs, they are research and advisory firm. Many people look to companies like NSS Labs and Gartner for independent evaluations of technologies. I like NSS labs based on the processes posted about how they test a specific topic. Plus if a vendor challenges their findings, they are not shy about defending their testing practices.
Another entertaining part of the NSS lab report releases are when a challenge is made by a unhappy vendor. Earlier this year, NSS labs released a report on “Breach Detection Systems” (I posted about this HERE). Fireeye tested poorly and made claims against NSS Labs findings. NSS Labs posted their feedback on each challenge. This time Palo Alto tested poorly for the Web Application Firewall report and posted negative feedback on this report (CRN covered this HERE). Once again, NSS Labs came back with a counter post (found here) and even offered the Palo Alto report for free. Palo Alto eventually posted a formal apology HERE including this image, which explains it all. In summary, they said “I would like to formally retract the statements I made about NSS Labs and extend a formal apology”.
Palo Alto’s response found on the aplogy posting
In a more positive light, vendors such as Cisco, Dell and Checkpoint tested well in the reports. Check them out and others at the NSS labs website.