Adaptive and comprehensive protection against an evolving threat landscape can be a complex discussion. When you add in layers of marketing hype, footnoted claims, and qualified conditions, then it’s not surprising to hear that customers get confused when it comes to choosing security for their business.
If what a customer sees after deployment doesn’t measure up to the promises, that creates understandable trust issues and frustration for someone who thought they were buying a proven and reputable solution.
Changes to network infrastructure (such as the eroding perimeter, as a result of cloud-based apps, BYOD, and the Internet of Things) combined with a rotating rogue’s gallery of the latest malware, botnets, and black-hats make the issue of what a customer needs to protect their private data and digital assets even more unclear.
Fortunately, there are some objective lenses to help customers see past all the smoke, mirrors, and “marketecture” to find security products that not only do what they say they do, but that also meet the specific infrastructural needs of their organization.
Third-party Testing & Validation
Evaluation by qualified, independent researchers provides data-driven guidance to assist with choosing effective security across a broad spectrum. Groups such as Virus Bulletin, and NSS Labs (among others) do comparative testing, and reporting on how different products measure up under real-world conditions.
Competitive benchmarking, certification, and validation all help to cut through the industry noise and hold vendors to their claims. Open and transparent industry participation with this process drives security developers to innovate more effective solutions, fosters an even playing field, and encourages positive aspects of competition.
NSS Labs conducts regular evaluation of the top next generation firewalls (NGFWs), subjecting competitive solutions to strenuous, real-world scenarios that test security effectiveness, network performance, and TCO.
This year’s NSS Labs comparative reports showed our FortiGate 3200D ahead of all competitors in terms of NGFW effectiveness—delivering the best combination of security, network performance, and total cost of ownership (TCO) and receiving their coveted “Recommended” rating.
In addition to earning top effectiveness and performance scores, the detailed results of NSS Labs’ continuous, two-month Cyber Assessment Warning System (CAWS) tests revealed that the FortiGate provided the most consistent scores throughout the entire evaluation period. Fortinet exhibited none of the reductions in block rates and throughput seen in competing solutions costing up to 10x more. And it’s those sorts of performance dips that can result in reduced security and network bottlenecks—putting networks at greater risk for breach.
One current trend is that hackers have grown more sophisticated by creating intricate botnet networks and by co-opting web-based advertising to serve malicious content. Against these sorts of exploits, web filtering is one of the first lines of defense in business environments. Web filters work in front of antivirus software to protect unsuspecting users by blocking harmful URLs/hyperlinks, compensating for vulnerabilities in browser plugins, intercepting spam, and analyzing phishing campaign content.
Virus Bulletin’s VBWeb testing is an industry first that puts competing web filtering solutions up against demanding, real-world scenarios—including an assortment of malicious URLs and drive-by-download HTML pages that serve up different malware. A solution must block at least 70% of total malware to earn the VBWeb certification.
Fortinet was the first (and only) security vendor to publicly share our results in Virus Bulletin’s initial VBWeb comparative report. Details of the certification testing reveal that Fortinet’s FortiGuard web filtering services deliver superior protection against web-based threats. It blocked 97.7% of direct malware downloads and stopped 83.5% of malware served through all tested methods (well-above the certification threshold of 70%).
Why We Do What We Do
At Fortinet, we’re very proud of being our industry’s most independently tested and validated security vendor. The fact that we earn more certifications and validations is an extension of the value we place on rigorous and reputable outside evaluation.
We maintain this commitment not just because we’re confident in our solutions, but because it’s the right thing to do. We cooperate with independent testers because they’re critical to raising the bar for the security industry as a whole, while helping to ensure that customers make fully-informed buying decisions.