Palo Alto NGFW fails NSS Labs report, war of words ensues

Cisco Advanced Malware Protection(AMP) achieves the highest security effectiveness in 2015 NSS Labs Breach Detection System Test Report.

Read the NSS Labs report to see how Cisco AMP proved effective against all evasion techniques tested and passed all stability and reliability tests. Cisco AMP is the only solution that goes beyond point-in-time detection to continuously analyze malware and provide retrospective security across the entire attack continuum.

Hi Enrico, I read through the methodology and our company purchased the NSS Labs reports

"The industry and customers have already recognized us as the best-in-class application firewall, but the NSS Labs report articulated that Palo Alto Networks has indeed brought best-in-class performance in other critical traffic and threat management," said Nir Zuk, founder and CTO at Palo Alto Networks. "Test results from an organization renowned for its industry expertise in IPS testing vindicate the groundbreaking work that Palo Alto Networks Application and Threat Research team has achieved."


NSS Labs Test Report - Barracuda Networks

For more information, or to download a complimentary copy of the NSS Labs report of Check Point’s Threat Prevention, visit: .

A couple products notably absent from this round of testing were the (CSA, ), for which , and security solutions (now owned by McAfee, but not yet integrated into McAfee's security suite). The reason I note these products is because they provide a good example of the type of service being tested in this latest NSS Labs report.


Firewalls from , Fortinet, Juniper , Palo Alto Networks and SonicWall had products that were criticized in the NSS Labs report (only a Check Point firewall escaped criticism about the ability to prevent the hacker "TCP Split handshake" attack). Now, two of the vendors, Fortinet and Sonicwall, are firing back at NSS Lab about how their firewall products were critiqued.That NSS Labs report also found that antivirus products miss between 10 percent and 60 percent attacker evasion techniques, while less than a third of the tested vendors had protection for memory-only malware.Read the NSS Labs report to see how Cisco AMP proved effective against all evasion techniques tested and passed all stability and reliability tests. Cisco AMP is the only solution that goes beyond point-in-time detection to continuously analyze malware and provide retrospective security across the entire attack continuum.