This report is available through the Breach Prevention System Category Subscription. All of our subscription options can be viewed here.
Thomas Skybakmoen, William Dean Freeman, Jessica Williams
Threat actors are demonstrating the capability to bypass protection offered by conventional endpoint and perimeter security solutions. Enterprises must in turn evolve their defenses to incorporate a different kind of protection, one that NSS Labs defines as a breach prevention system (BPS). A BPS is an integrated solution that leverages multiple modern technologies such as cloud and on-premises sandboxing, emulation, and machine learning. These technologies are leveraged in conjunction with traditional deep inspection and/or access control blocking technologies such as next generation firewalls (NGFWs) and next generation intrusion prevention systems (NGIPS) that act as enforcement points. In addition, most BPS have integrated endpoint technology which enables them to block attacks that would not otherwise be seen by a network device.
Implementation of a BPS solution can be a complex process, with multiple factors affecting the overall performance of a solution. This Comparative Report provides data on factors affecting a BPS’ ability to perform, including:
- Connection rates
- Real-world traffic mixes
The following products were evaluated:
- Check Point Software Technologies 15600 Next Generation Threat Prevention & Sandblast (NGTX) Appliance R77.30
- Cisco FirePOWER 8350 v188.8.131.52 with Cisco AMP v184.108.40.20683
- Fortinet Advanced Threat Protection (FortiSandbox Cloud with FortiGate 600D v5.6.1, Fortimail Virtual Appliance v5.4.0 and Forticlient ATP Agent v220.127.116.112)
- Juniper Networks SRX1500 v15.1X49-D90.7 with Sky ATP
- Palo Alto Networks PA-5220, PAN OS 8.0.3-h4 with Traps v18.104.22.168239
To learn how each vendor performed, download a copy of each Test Report. NSS Labs clients can also download the BPS Comparative Reports on Performance, Security, Security Value Map, and TCO.
As with all NSS Labs group tests, there was no fee for participation. In addition, the test methodology applied is in the public domain to provide transparency and to help enterprises understand the results.