Security Controls in the US Enterprise: Network Security Stateful Firewall


Jason Pappalexis, John Whetstone, Will Fisher, Mike Spanbauer



Stateful firewalls have long been considered by many to be the cornerstone of network architecture. These physical or virtual appliances are largely deployed at the perimeter of an enterprise network to prevent unauthorized access, enable VPN access, and generate valuable logs for administrators.

Operating up to layer 4 of the OSI model, this second generation of firewall technology inspects all network traffic (specifically source and destination IP addresses, port numbers, and protocol information) and checks it against rules defined by network administrators to determine whether traffic should be blocked or allowed to pass through the network perimeter.

Enterprises can use the data in this brief to gain critical insights into the purpose of the stateful firewall, including how these appliances are being managed within organizations, where they are being deployed, who is responsible for purchasing decisions, and the extent to which API controls are being used for their management.



  • Product scope, alternatives, deployment, and purchase authority
  • Metrics on product use within the enterprise
  • Who manages SSL/TLS appliances? (breakdown by organization size)
  • Who uses API controls? (breakdown by organization size)
  • Enterprise challenges



Part of a series on security controls deployed by US enterprises, this brief includes current usage statistics for stateful firewall technology within small and medium-sized enterprises (SMEs), large enterprises (LEs), and very large enterprises (VLEs).

As with all NSS Labs group tests, there was no fee for participation. All testing was conducted independently and was not paid for by any vendor.