NGFW:MARKETGROWTH,DEPLOYMENTS,ANDNSSTESTRESULTSNSSLabsResearch03/17,2016

ThomasSkybakmoenResearchVP

MikeSpanbauerVPofSecurity,Test&Advisory

Slide2

NSSLabs

TheWorld’sLeadingSecurityInsightCompany

Slide3

UnmatchedSecurityTestingExpertise

Slide4

Agenda

•  TheNGFWmarketandgrowth• Drivingthedeploymentsintheenterprise• NSSLabs’2016NGFWGroupTestresults•  TCO•  SecurityEffec,veness•  Performance

• Q&A

Slide5

NGFWDefined•  TradiSonal“firstgeneraSonfirewall”features,suchas:•  Basicpacketfiltering•  StatefulmulS-layerinspecSon•  NAT•  VPN

•  “NextgeneraSonfirewall”features,including:•  ApplicaSonawareness/control•  User/groupcontrol•  IntegratedintrusionprevenSonsystem(IPS)•  AbilitytooperateatLayer3(“tradiSonal”)•  Externalintelligencetoenhanceblockingdecisions(i.e.,“reputaSonservices”)

Slide6

StateoftheMarket

• MarketSize•  US$4.4Bin2015•  US$5.1Bin2016(NSSest.)

• Currentbuyers•  Largeenterprisemadeup38%ofsalesin2015

• Evolving+Expandingmarket

0%

5%

10%

15%

20%

25%

$0

$1,000

$2,000

$3,000

$4,000

$5,000

$6,000

$7,000

$8,000

$9,000

$10,000

2015 2016 2017 2018 2019 2020

NGFWRevenue NGFWGrowth

Slide7

DeploymentDrivers

•  SecurityEffecSveness•  Increasinglycomplexthreatlandscape•  ConSnueddrumbeatofhighprofilebreaches•  Availabilityofhighperformanceproducts

•  TotalCostofOwnership•  LowerTCOcomparedtomulSpleproducts•  Securitymanagementthroughasingleplaeorm•  Internalfirewallopensupnewdeployment(distribuSonswitchdisplacement)

•  Improvesecurityworkflow/IntegraSon•  IntegraSonwithSIEM,incidentresponse•  Cloudandvirtualdeployments,commonpolicy

Slide8

NGFWGroupTest

•  Individualproductstestedperthemethodology•  ProductReportsreleased•  ComparaSveReportsreleased•  LiveTesSngSecurityComparaSveresultsfromNSSCyberAdvancedWarningSystem

•  SVM

SecurityValueMap

VendorA

VendorB

VendorC

VendorD

VendorE

SecurityEffecNveness Performance TotalCostof

Ownership

ProductReports

ComparaNveReports

Slide9

GroupTestResults:Definitions

•  TCO•  Purchase•  Maintenance-incl.subscripSonfees•  AdministraSon–incl.installaSonandtuning

•  SecurityEffecSveness•  EquaSon:ExploitBlockRate*FWPolicy*AppControl*Evasions*Stability&Reliability

•  TCOperProtectedMbps•  EquaSon:(3-YearTCO)/(SecurityEffecSvenessxNSSTestedThroughput)

Slide10

GroupTestResults:ProtectionandTCOMapTCOperProtectedMbpsagainstSecurityEffec,veness

Furtherupandrightisbest

Aboveline=aboveaveragesecurity

SecurityRecommended

Slide11

GroupTestResults:SVM

NGFW v6.0

Barracuda

Check Point

Cisco ASA Cisco FirePOWER

Cyberoam

Dell SonicWALLForcepoint

Fortinet Hillstone

HuaweiJuniper

Palo Alto Networks

WatchGuard

100%

90%

80%

70%

60%

50%

40%$100 $80 $60 $40 $20 $0

TCO per Protected Mbps

Secu

rity E

ffecti

vene

ss

Average

Average

•  2000uniqueexploits•  2monthsoflivedata•  750+exploits

•  Dec2015–Jan2016

Slide12

GroupTestResults:Breakdown

•  Security•  SecurityEffecSvenessfrom58.1%to99.6%•  AverageSecurityEffecSveness:96.3%•  CAWS:nosingleproductblockedallanacks

(77.12%to99.97%)•  EvasioneffecSveness:100%

•  Performance•  Throughputfrom2,477to42,324Mbps

•  TCO(10devices+1CMS)•  3-yearTCOrangedfrom$312,746to$12,573,800•  Average3-yearTCOwas$2,579,457

•  TCOperProtectedMbps•  AverageTCOperProtectedMbps:US$27•  RangedfromUS$6toUS$97

Slide13

SVMToolkit:CyberoamRetest

NGFW v6.0

Barracuda

CheckPoint

CiscoASA CiscoFirePOWER

Cyberoam

Del lSonicWALLForecepoint

Fortinet Hi l lstone

HuaweiJuniper

Pa loAltoNetworks

WatchGuard

CyberoamRetest

40%

50%

60%

70%

80%

90%

100%

$0$20$40$60$80$100

SecurityE

ffectiv

eness

TCOperProtected- Mbps

Slide14

CAWSTMBringsContinuousLiveExploitTestingtoGroupTests

AnnouncedFebruary18,2016

2016GROUPTESTROADMAP

CAWS

CAWS

CAWS

CAWSCAWS

Slide15

QuesNons?

Thankyou!Gotowww.nsslabs.com

todownloadthefreeNGFWSecurityValueMapGraphic*Clickthethesecondbuttonbottomleft.