Data Center Security Gateway
DCSG 2018 Comparative Report: Performance

DCSG 2018 Comparative Report: Performance

This report is available through the Data Center Security Gateway Category Subscription. All of our subscription options can be viewed here.

AUTHORS:

Thomas Skybakmoen, Keith Bormann, Ryan Turner, Matt Chips, Matt Wheeler

TECHNOLOGY DESCRIPTION:

The digital world has transformed modern business. The growing use of the Internet has placed more demands than ever on the corporate data center. Organizations today rely more on their IT infrastructure to enable growth, agility, and productivity. But where there is opportunity, there is also risk. Enterprises must protect their end users and they must also protect the intellectual property and mission-critical applications that reside in their data centers.

While perimeter devices are expected to protect end users and a wide range of end user applications, data center security devices are deployed to protect servers and applications hosted in the data center. Data center security gateways (DCSGs) converge data center firewall (DCFW) and data center IPS (DCIPS) technologies, and as such, play a vital role in today’s security infrastructure. The goal of the DCSG is to provide access control in the data center and deep packet inspection in order to protect servers and applications from remote attacks.


REPORT FOCUS:

Implementation of DCSG devices can be a complex process, with multiple factors affecting the overall performance of the device. This Comparative Report provides data on factors affecting a DCSG’s ability to perform, including:

  • Throughput
  • Connection rates
  • Latency
  • HTTP capacity
  • Real-world traffic mixes

PRODUCTS EVALUATED:

The following products were evaluated:

  • Fortinet FortiGate 3200D v5.4.10 GA Build 7811
  • Fortinet FortiGate 6300F v5.4.10 GA Build 4283
  • Palo Alto Networks PA-5250 PAN-OS 8.1.2

To learn how each vendor performed, download a copy of each Test Report. NSS clients can also download the DCSG Comparative Reports on Security, Security Value Map, and Total Cost of Ownership.

As with all NSS Labs group tests, there was no fee for participation. In addition, the test methodologies Data Center Network Security (DCNS) Test Methodology v2.0, and Evasions Test Methodology v1.2 that were applied is in the public domain to provide transparency and to help enterprises understand the results.

As with all NSS Labs group tests, there was no fee for participation. All testing was conducted independently and was not paid for by any vendor.