Update on Recently Released 2014 NSS Next-Generation Firewall Comparative Analysis

Oct 09, 2014
2 minutes

By: Lee Klarich, SVP Product Management at Palo Alto Networks

October 31, 2014 Update: We invite you to view an updated 2014 NSS Labs next-generation firewall test, in which Palo Alto Networks achieved 92.5% security effectiveness rating. Click here to see the updated report and read a letter of confirmation from NSS CEO Vikram Phatak.


As noted on this blog, NSS recently released a report on Next-Generation Firewalls that indicated that our product failed two security tests.  In our original blog post, we noted that we had not participated in the test process for this report.  However, because customer security is our paramount interest, we obtained the report and attempted to replicate the stated failures.

Through our own testing efforts and through working with NSS, we were able to replicate the two issues and focused immediately on a fix, which has been completed and is now available.  We also asked NSS to test the fixes and they have done so, confirming the fixes are effective (for detail see NSS Labs blog: https://www.nsslabs.com/blog/all%E2%80%99s-well-ends-well.)

You can read our customer advisory related to these issues here: https://live.paloaltonetworks.com/docs/DOC-8085.

We would like to thank NSS for their assistance in this matter and greatly appreciate the professional and collaborative manner in which this occurred.  Given that new attack methods are being developed at all times, any input that assists in identifying and blocking them is helpful as demonstrated in this case, and we plan to proactively engage in future tests to ensure we benefit from all input.

If you have questions for me, please email me at: lklarich@paloaltonetworks.com.

Subscribe to the Newsletter!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.