October 19, 2016

Firewalls – the Frontline Against Advanced Evasion Techniques (AETs)

Susan Helmick

Modern firewalls are no longer just networking devices. While newer cyber security safeguards sometimes get the fancy headlines, truly innovative firewalls are providing new levels of protection every day on the frontlines. Case in point: defending against Advanced Evasion Techniques (AETs, not to be confused with APTs, Advanced Persistent Threats).   Not all firewalls take the same approach.

Today’s attackers are increasingly using AETs to probe and sneak through traditional intrusion defenses, both at the edge and inside the network. While people might be most familiar with AETs coming from external sources, they are also playing a growing role in internal attacks. Malicious code that uses social engineering or other methods to hijack endpoints is now using AETs to circumvent internal protections that guard sensitive systems, often opening the door to larger, more destructive attacks. As a result, stopping AETs at the edge, inside enterprise networks, and in the cloud has become more important than ever.

This is an issue that is near and dear to our heart. Stonesoft Corporation (now a part of Forcepoint) was the pioneer in uncovering and defeating AETs. Ever since we discovered the first AETs in the wild in 2010, our Stonesoft Next Generation Firewall (NGFW) has incorporated a variety of threat-discovery techniques that examine network traffic across its different layers. Our approach not only identifies applications and users at a granular level, but also ensures that tricks such as out-of-order packet transmission or adulterated TCP Acknowledgements can’t be used to get malicious content through.

But, you don’t have to take our word for it. NSS Labs, one of the industry’s leading independent security testing organizations, has given our Stonesoft NGFW their highest rating of “RECOMMENDED” for 4 consecutive tests. And, this week, we were honored to have NSS Labs recognize our security products again with yet another “RECOMMENDED” rating in their new 2016 Next Generation Intrusion Prevention System Comparative Report (NGIPS).

In this latest test, NSS Labs tested a variety of other products, including dedicated IPS boxes. Not only did our Stonesoft platforms do as well or better than those IPS-only products, our solutions also provide next-gen firewalling, VPN connectivity, multi-link aggregation, cloud-based firewalling and so much more – all managed from a single console. Highlights from the report included:

  • Stonesoft NGFW received NSS Labs’ highest rating of “RECOMMENDED”.
  • Our AET defenses proved effective against all attack evasion techniques tested.
  • We blocked 100.0% of attacks against application-layer attacks and received a 99.9% security effectiveness core.
  • The throughput of our Stonesoft N3301 measured 26% ABOVE our documented rate.
  • Our Stonesoft solution passed all of the stability and reliability tests.

Why did we do so well? Well, we literally wrote the book on AETs (you can download a complimentary copy of Advanced Evasion Techniques for Dummies here).

At Forcepoint, we believe that intrusion protection is a crucial capability that needs to be available everywhere – in your firewalls, in internal network defenses, and in your software-defined networks in the cloud. To learn more about how Stonesoft NGFWs give you the scalability and visibility you need to efficiently manage your network, respond quickly to events and threats, and adopt transformative technologies, click here or request a free trial and see for yourself.

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.