Not All Security Devices Are Created Equal, Says New Report from Independent Lab Broadband-Testing

Testing Showed Significant Drop in Performance with Addition of IDS/IPS Functionality

LONDON--()--Independent test lab Broadband-Testing today released a report on its performance validation of IT network firewall solutions from Cisco Systems, NetPilot, SonicWall and WatchGuard. Using Spirent’s security solutions, the tests benchmarked the performance of the vendors’ devices against key criteria such as network and application traffic performance with and without attacks, to determine which solution was the best at providing an entry-level security product for enterprises.

The test report highlights key performance differences between the firewall products and concludes that there is a level of compromise involved in terms of performance when advanced functionality is enabled. This underscores the need for comprehensive testing that compares security device’s real-world performance and datasheet performance.

Differentiation among the four tested products appeared in security features, the variety of licensing options, differences in management GUIs, and competitive pricing. The report’s key findings include the following:

  • In basic firewall mode, the firewall products in general were able to get close to their claimed performance figures and were perfectly reasonable for the target market
  • With IDS/IPS functionality enabled, performance of the firewalls fell away markedly in all cases
  • Differences in the products’ capabilities impacted their ability to prevent threats, depending on traffic conditions

“Enterprises have much to lose by not taking the initiative to create and enforce a strict security regime. Instead they depend only on their security device vendors’ claims to assess the fortification of their network,” said Steve Broadhead, founder and director, Broadband-Testing. “The goal of this test was to look at different firewall solutions that sit at various price points and evaluate them on pure performance. Spirent’s solutions were instrumental in the testing, and were able to push the four products with realistic and scaling performance traffic and threat traffic. By testing the performance of the security devices and verifying against vendor claims, it was easy to identify areas of weakness in the network.”

Broadband-Testing utilized Spirent Studio for attack traffic with known vulnerabilities and Spirent Avalanche as a stateful application traffic generator. The tests were conducted using a realistic mix of traffic that a branch office may commonly encounter.

“Enterprise security validation needs to go beyond just looking for known risks or performance in isolation, it also needs to track the impact of security policies on performance and vice versa,” said Aswath Mohan, director, segment marketing for security, data center and cloud computing at Spirent. “It should also test for abnormal traffic patterns that pose greater, yet currently unknown, risk to enterprise mobility. Spirent has a long history of enabling enterprises and IT organizations of all sizes to better prepare for new upgrades, and services deployments.”

To download the complete test report and watch the webinar by Steve Broadhead visit: http://www.spirent.com/White-Papers/Broadband/PAB/Broadband-Testing_Entry-Level_Enterprise_Firewall_Test_Report

For more information about on Spirent’s security solutions visit: http://www.spirent.com/Networks-and-Applications/Network_security

About Spirent Communications plc

Spirent Communications plc. (LSE: SPT), a global leader in test & measurement, offers an extensive portfolio of solutions to test data centers, cloud computing and virtualized environments, high speed Ethernet networks and services, 3G/4G wireless networks and devices, network and application security, and positioning technologies. For more information visit http://www.spirent.com/about-us/News_Room/About_Spirent_Communications_plc.aspx

About Broadband-Testing

Broadband-Testing is Europe’s foremost independent network testing facility and consultancy organization for broadband and network infrastructure products. Based in Andorra, Broadband-Testing provides extensive test demo facilities. From this base, Broadband-Testing provides a range of specialist IT, networking and development services to vendors and end-user organizations throughout Europe, SEAP and the United States. For more information visit www.broadband-testing.co.uk.

Contacts

Broadband-Testing
Steve Broadhead, +376 633010
sbroadhead@broadband-testing.co.uk
or
Spirent Communications plc
Europe:
Zonic PR
Kate Innes, +44 (0) 1672 550123
kinnes@zonicgroup.com
or
North America
SS|PR
Steve Fiore, +1 847-415-9329
sfiore@sspr.com

Release Summary

Broadband-Testing today released a report on its performance validation of IT network firewall solutions from Cisco Systems, NetPilot, SonicWall and WatchGuard.

Sharing

Contacts

Broadband-Testing
Steve Broadhead, +376 633010
sbroadhead@broadband-testing.co.uk
or
Spirent Communications plc
Europe:
Zonic PR
Kate Innes, +44 (0) 1672 550123
kinnes@zonicgroup.com
or
North America
SS|PR
Steve Fiore, +1 847-415-9329
sfiore@sspr.com