Introducing Critical Infrastructure Cybersecurity: Security and Visibility Across the OT/IT Boundary.

Our Blog

Forcepoint's SD-WAN security and connectivity verified by NSS Labs

Share

Wednesday, Aug 08, 2018

SD-WAN has gotten a lot of attention recently. But one aspect that has been noticeably absent is solid multi-vendor testing. Now that NSS Labs—the industry’s premier independent testing organization for cybersecurity solutions—has released the results of its 2018 SD-WAN Group Test, that’s changing. This inaugural report provides insights into many of the top approaches to SD-WAN and can help organizations figure out which vendors they should focus on in a crowded and noisy market.

Forcepoint was one of the nine companies whose products were tested, and we’re pleased to say that Forcepoint SD-WAN received a rating of “Verified” from NSS Labs. Not only did we handle all the test’s use cases (Performance, Video Quality, and VoIP Quality), we also offered the operational capabilities that NSS Labs recommends for SD-WAN solutions, including:

  • Zero-touch provisioning
  • Application-aware traffic steering
  • Automated link failover
  • Centralized management

As Vikram Phatak, CEO of NSS Labs, notes “Forcepoint is one of the few vendors to support all the use cases and capabilities we tested while also integrating strong security into their SD-WAN solution. They are a strong choice for any organization that’s looking to connect and protect their distributed enterprise.”

The 2018 test simulated an enterprise network with branches connected to a data center through two links: an MPLS line and a commercial broadband connection. Forcepoint’s advanced Multi-Link™ technology, used in thousands of locations around the world to connect organizations ranging in size from fewer than a dozen sites to more than 1500, enables those two links to be combined into one and ensures that all traffic on them is transmitted over an encrypted virtual private network (VPN).

Forcepoint integrates industry-leading security into SD-WAN for protection against internet threats

Often, SD-WAN vendors who only provide connectivity either ignore security or claim that encrypting traffic sent over each link is enough. It’s not. Wherever you connect to the internet, you need the same level of defense against online attackers that you have at your primary internet gateways—because with SD-WAN, every site is a primary internet gateway. Tacking on a whole separate stack of network security products isn’t the answer either. That just doubles the IT effort required and creates gaps if security policies aren’t kept in sync.

Forcepoint takes a different approach. We integrate full, industry-leading network security (see NSS Labs’ 2018 NGFW Group Test results) into our SD-WAN so that you can seamlessly protect each site you connect to the internet against advanced threats with the same level of assurance you have at your headquarters and data centers.

Security capabilities weren’t a required part of the NSS Labs SD-WAN test and aren’t reflected in their summary graphic. However, a full three-quarters of the detailed Product Scorecard in the per-vendor test report is devoted to security effectiveness. Forcepoint scored a perfect 100% on all the security tests, including blocking all 208 evasions (techniques that are used to camouflage exploits and sneak them past traditional network defenses).

We’re pleased that Forcepoint SD-WAN is one of the products to make it into this important test. As SD-WAN moves into the enterprise, having real validation of vendors’ claims on issues like connectivity, scalability and security will be crucial. For more information, please download Forcepoint’s SD-WAN test results, or contact us to discuss how we can help you connect and protect your distributed environment.

And, if you’re at Black Hat USA this week, please stop by our booth #620 and say hello.

About the Author

Jim Fulton

Jim has been creating and evangelizing enterprise connectivity and security solutions for more than 20 years. At Forcepoint, he focuses on how network security can go beyond simply keeping people safe to truly transform their business. Previously, he held marketing and engineering roles at...