What it takes to build the best NGFW out there

I’ve been doing cybersecurity for the past 20 years. In the beginning of my career, I was on the offensive side doing penetration testing, but then I became more interested in defensive work (although #shell in the test lab still makes me grin). During the past 15 years, I’ve been running security research operations and have been privileged to work with a lot of super-smart people.

To be successful in security research requires passion – living and breathing it 24x7. That’s what we have here at Forcepoint. We love what we do because we know human-centric security is about enabling our customers to not just connect their people and data, but to also protect the points where their employees, business information and intellectual property come together and are most vulnerable. And to do so more efficiently than anyone else, without requiring armies of specialized experts or ongoing headaches.

To do this, we created a next-generation firewall (NGFW) that is unique. One that integrates deep security and centralized management into the core of the firewall rather than tossing them on after the fact. We knew this would be the best way to provide the kind of unprecedented efficiency and protection that would leave other vendors behind.

The 2017 NSS Labs NGFW test proves us right. We were the top performer of the 10 vendors in the test. We blocked 99.95% of exploits in NSS Labs’ 2017 NGFW Test. In fact, Forcepoint is the only vendor to block 100 percent of tested exploits run from the NSS Labs static exploit library and over a continuous live testing period of 31 days, we blocked 99.89% of “drive-by” exploits that target client applications. We also blocked 100% of evasions and had zero false positives. And, we did all of this while still offering one of the lowest total cost of ownership ratings as well.

How? Since malware is constantly evolving, we created a uniquely flexible architecture that enables us to easily and rapidly adapt to shifting protocols, applications and attack vectors using intelligent software. In addition, we took advantage of modern processor technology to provide acceleration for critical operations like decryption that runs fast across all environments – physical, virtual and cloud. In contrast, silicon-based products don’t have the agility to adapt to changing threats, let alone new “good” forms of applications, usage behaviors they haven’t seen before, and deployment environments. Such products often look nice for a little while, but then quickly get stuck behind. To quote Mark Andreessen, “software is eating the world.”

The Forcepoint NGFW has a software-based architecture that is deeply tuned for delivering high levels of performance, security and efficiency across different environments. It’s been a security industry leader for years – we’ve received NSS Labs’ highest rating of “Recommended” in every NGFW test they’ve ever done and were unsurpassed against even purpose-built intrusion prevention systems in last year’s NGIPS test.

But then, we started focusing on blocking evasion techniques before anybody else (we pioneered the field and literally wrote the book on it). Our advanced traffic normalization prevents attackers from playing tricks with packets (which often fool other vendors’ products, but more on that another time), and we take care to perform dynamic protocol and application identification regardless of port. At the end of the day, our ability to combine inspection and analysis techniques from the lowest layers of the network up into the highest levels of advanced malware detection were what sets us apart.

“The security effectiveness of the Forcepoint NGFW 3301 was unsurpassed in the NSS Labs 2017 NGFW test,” said Thomas Skybakmoen, Distinguished Research Director at NSS Labs. “The Forcepoint NGFW should be on every company’s short list.” We couldn’t agree more.

If you’d like to learn more, you can download the results of NSS Labs’ test of the Forcepoint NGFW or visit us at Infosecurity Europe (stand F80) this week in London or the Gartner Security & Risk Management Summit (booth #303) next week in National Harbor, MD.