Palo Alto Networks™, the network security company, today announced that NSS Labs awarded Palo Alto Networks the "Recommended" rating for passing all tests, including the TCP split-handshake spoof test, within its Network Firewall 2011 Comparative Test.

NSS Labs—a world leader in independent security product testing and certification—designed the test to focus on the following four areas:

  • Security effectiveness
  • Performance
  • Stability
  • Total Cost of Ownership (TCO)

Not only did Palo Alto Networks pass all effectiveness and stability tests, but only the Palo Alto Networks PA-4020 performed above its stated datasheet performance. NSS Labs noted that Palo Alto Networks price/performance is $10 per protected Mbps, by far the most cost-effective product among the participating vendors—Check Point, Cisco, Juniper, Fortinet, and SonicWALL.

"NSS Labs covered a lot of ground in this network firewall test and we are pleased to have worked with them to retest and subsequently successfully pass all of their tests while still surpassing the performance metrics stated on our datasheet," said Nir Zuk, founder and CTO at Palo Alto Networks. "Given that we're the only firewall in this test that does firewall policy based on application and user, and the only firewall in the test that can decrypt and inspect inbound and outbound SSL, we feel that our security per protected Mbps is more effective, as well as more cost effective."

"NSS Labs commends Palo Alto Networks for taking the steps to protect their customers," says Vik Phatak, CTO, NSS Labs. "We are impressed with Palo Alto Networks' responsiveness and collaboration during the retesting process and are happy to recommend them."

About Palo Alto Networks

Palo Alto Networks™ is the network security company. Its next-generation firewalls enable unprecedented visibility and granular policy control of applications and content – by user, not just IP address – at up to 20Gbps with no performance degradation. Based on patent-pending App-ID™ technology, Palo Alto Networks firewalls accurately identify and control applications – regardless of port, protocol, evasive tactic or SSL encryption – and scan content to stop threats and prevent data leakage. Enterprises can for the first time embrace Web 2.0 and maintain complete visibility and control, while significantly reducing total cost of ownership through device consolidation. Most recently, Palo Alto Networks has enabled enterprises to extend this same network security to remote users with the release of GlobalProtect™. For more information, visit

Palo Alto Networks, "The Network Security Company," the Palo Alto Networks Logo and App-ID are trademarks of Palo Alto Networks, Inc. in the United States. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.