AUTHORS: Keith Bormann, Ryan Turner, Matt Chips, Matt Wheeler
Publish Date: October 30, 2018
TECHNOLOGY DESCRIPTION: DCIPS devices monitor and block malicious activities using deep packet inspection and application/user awareness and control capabilities. They handle traffic for potentially hundreds of thousands of users who are accessing large applications and/or computing servers hosted in the data center. DCIPS devices are typically deployed inline behind the data center perimeter (“a bump in the wire”) to inspect network traffic, or they are deployed out-of-band to provide internal network segmentation as well as to monitor and block the lateral movement of threats without introducing the complexity of a routing firewall.
PRODUCT EVALUATED: NSS Labs performed an independent test of the Fortinet FortiGate 3200D v5.4.10 GA Build 7811. The product was subjected to thorough testing at the NSS facility in Austin, Texas, based on the NSS Labs Data Center Network Security Test Methodology v2.0. This test was conducted free of charge and NSS did not receive any compensation in return for Fortinet’s participation.
PRODUCT TESTED IN THE FOLLOWING AREAS:
- Security Effectiveness – The DCIPS is designed to allow legitimate traffic to pass while blocking attacks and resisting evasion techniques. An effective DCIPS is one that can quickly detect zero-day, advanced, and targeted-attacks, as well as the lateral movement of threats, and can do so with a low false positive rate.
- Resistance to evasion – Failure in any evasion class permits attackers to launch attacks and/or exfiltrate sensitive data
- Stability and reliability – Long-term stability is important where failure can result in serious breaches remaining undetected.
- Total cost of ownership (TCO) – TCO was calculated by factoring in costs associated with product purchase (device and central management system), installation costs, and maintenance and upkeep (i.e., the time required to apply periodic updates and patches from product manufacturers).
- Performance and Value – Customers should look for low TCO and high effectiveness and performance rankings.
As with all NSS Labs group tests, there was no fee for participation. In addition, the test methodology applied is in the public domain to provide transparency and to help enterprises understand the results.