By: Lee Klarich, SVP Product Management at Palo Alto Networks
As noted on this blog, NSS recently released a report on Next-Generation Firewalls that indicated that our product failed two security tests. In our original blog post, we noted that we had not participated in the test process for this report. However, because customer security is our paramount interest, we obtained the report and attempted to replicate the stated failures.
Through our own testing efforts and through working with NSS, we were able to replicate the two issues and focused immediately on a fix, which has been completed and is now available. We also asked NSS to test the fixes and they have done so, confirming the fixes are effective (for detail see NSS Labs blog: https://www.nsslabs.com/blog/all%E2%80%99s-well-ends-well.)
You can read our customer advisory related to these issues here: https://live.paloaltonetworks.com/docs/DOC-8085.
We would like to thank NSS for their assistance in this matter and greatly appreciate the professional and collaborative manner in which this occurred. Given that new attack methods are being developed at all times, any input that assists in identifying and blocking them is helpful as demonstrated in this case, and we plan to proactively engage in future tests to ensure we benefit from all input.
If you have questions for me, please email me at: firstname.lastname@example.org.