WEB APPLICATION FIREWALL (WAF) COMPARATIVE REPORT: Security Value MapTM
Authors – Thomas Skybakmoen, Morgan Dhanraj
NSS Labs defines web application firewalls (WAFs) as network-based products designed to alter, monitor, and block HTTP, HTTPS, and HTTP/2 conversation from web applications and protect against web-based attacks.
This report uses empirical data from NSS’ individual WAF Test Reports and Comparative Reports to create NSS’ unique Security Value Map™ (SVM). The SVM illustrates the relative value of each product by mapping Security Effectiveness against Total Cost of Ownership (TCO) per Protected Connections per Second (CPS).
The following products were evaluated:
- Citrix NetScaler Web Application Firewall (AppFirewall) MPX 5910 v22.214.171.1246
- F5 BIG-IP 10050S Application Security Manager (ASM) v126.96.36.199.0.184
- Fortinet FortiWeb-3000E v5.5.5
- Radware AppWall 1008 v7.3.4
- Symantec Blue Coat ProxySG v188.8.131.52
To learn how each vendor performed, download a copy of each individual Test Report. NSS clients can also download the WAF Comparative Reports on Security, Performance, and Total Cost of Ownership.
As with all NSS Labs group tests, there was no fee for participation. In addition, the test methodology applied is in the public domain to provide transparency and to help enterprises understand the results.