Tests Demonstrate Fortinet Delivers Industry-Leading IPS Performance
- Written by: Webmaster
- Category: ACADEMIA
Fortinet announced that it delivers the highest level of combined intrusion prevention system (IPS) performance and catch rate in the industry. Those results were achieved with the FortiGate-3950B, Fortinet's next-generation firewall appliance for large enterprise and data center environments, and are based on tests performed using BreakingPoint security testing products and the NSS Labs test criteria methodology.
BreakingPoint security testing products are used throughout the world to harden networks and data centers in the face of escalating application loads and attacks. Those compact devices create high-performance application and attack traffic from hundreds of real-world applications, load from millions of users and broad security coverage that includes tens of thousands of current attacks and malware, as well as obfuscation and evasion techniques. Each BreakingPoint product features built-in automation to produce a standardized Resilience Score to measure network and data center performance; security and scalability; the performance of massive virtualized infrastructures in the face of peak user loads and attacks; and to validate the accuracy and performance of Lawful Intercept and Data Loss Prevention systems.
Following the NSS Labs IPS testing methodology, two L4 and L7 tests were conducted on the FortiGate-3950B appliance, one with IPS optimization enabled and the other without. The traffic setup was unidirectional, and a large number of IP addresses were used on both the client and server sides to provide the most realistic testing conditions that reflect the largest number of devices present on a network.
Industry's Highest Performance IPS Services and Best Catch Rate
An inline network device such as an IPS needs to provide, at a minimum, sufficient throughput and low latency. Throughput provides the necessary performance when transferring large volumes of content across a corporate network, while the latency level is important to ensure that latency-critical network applications, such as VoIP and video, work seamlessly. Using the BreakingPoint Enterprise Application Mix test and the high, medium and critical IPS signatures, the FortiGate-3950B provided a throughput of 16.9 Gbps. Such a level of throughput is necessary to deliver the advanced IPS services required to detect and block incoming threats without affecting network performance. The tests also showed that the FortiGate-3950B's IPS technology achieved a latency level as low as 12.5 microseconds. With such results, Fortinet's IPS technology offers the best performance available in the industry today.
Another key parameter for today's systems is the ability to accept and process new connections every second. Tested using BreakingPoint security testing products, the FortiGate-3950B showed that it could support up to 100,000 new TCP connections per second with IPS activated. Note that this result is 2.5 times higher in a pure firewall mode.
Finally, the FortiGate-3950B appliance achieved a 91% IPS Attack Catch Rate while being subject to the enterprise traffic mix test, making it one of the best catch rates under load in the network security industry today. Equally, the zero failure rate recorded in the tests for application transactions and cumulative TCP connections, even at full CPU utilization, demonstrates the appliance's ability to effectively intercept malicious traffic without packet loss.
"Beyond marketing claims, we believe that it is essential to validate the performance of our network security solutions using metric-based, rigorous real-world testing," said Patrice Perche, senior vice president of international sales & support at Fortinet. "By leveraging BreakingPoint's security testing products, we prove once again Fortinet's strong foundation of high-performance security and real-time network protection to our customers."
Fortinet's FortiGate-3950B
The FortiGate-3950B next-generation firewall appliance offers unmatched levels of performance, scalability and security for large enterprise networks and managed service providers. Purpose-built by Fortinet, the FortiGate-3950B features custom FortiASIC processors, layered multi-threat protection from the FortiOS(TM) operating system and a flexible, modular architecture. The FortiGate-3950B provides up to 120 Gbps of firewall throughput and features a modular, space-saving 3-RU form factor, with five Fortinet Mezzanine Card (FMC) expansion bays.
The FortiGate-3950B's performance provides the power to detect, block or prevent threats in real time. The appliance leverages the relevant IPS signatures from Fortinet's customizable database of thousands of known threats to stop attacks that evade conventional firewall defenses. Fortinet's anomaly-based detection enables the appliance to recognize threats even when no signature has yet been developed. New attack signatures are delivered 24/7 from the award-winning FortiGuard Intrusion Prevention Service to provide automatic, real-time updates and keep organizations ahead of the latest threats. The combination of high performance interlaced with the FortiGuard team's known and unknown threat prevention, plus tight integration with other Fortinet security technologies, enables the FortiGate-3950B to stop the most damaging attacks at security check points regardless of whether the network is wired or wireless, or the IPS is located at the network core or perimeter.