NSS Labs Report Outlines what we already know - Firewalls are not enough


While reading through our OSINT sources today we noted that a report from NSS Labs pretty much outlined what we already know about firewall technology. None of the firewalls tested in the report stopped all variations of threats during testing. This should be a stark warning to those companies that rely solely on firewalls to protect the enterprise.

Lack of resilience - Quote from the article

NSS Labs added a new test in 2018 for resiliency against modified exploits and, according to the report, none of the devices exhibited resilience against all attack variants.

"The most surprising thing that we saw in this test was that ... our research and our testing showed that a fair number of firewalls did not demonstrate resilience against changes in attacks that are already known," Brvenik said.

Enterprises deploy next-gen firewalls to protect their networks from the internet, he added, and as part of that they expect that employees who browse the internet should not have to worry about new threats. Technology innovation related to cloud integration and real-time updates is promising, but key enterprise problems remain unsolved such as the ability to defend against attacks delivered in JavaScript.

These types of reports highlight that Jigsaw Security is on the right path with our service-marked Jigsaw Threat Mitigation Model (sm). The model provides protection that includes non-cyber-based attack vectors. If we realize that not all attacks are cyber focused, we can do more to stop threats using other technologies such as port resets (disruption), RPZ (disruption) and RFC compliance checks on packet data.

The Jigsaw Threat Mitigation Model utilizes many security devices, including firewalls and network sensors (FirstWatch) that can perform traffic flow resets and DNS manipulation. Heuristic detection of unknown threats is the key to detecting threats that vendors have not seen before. While firewalls are great, they require rules and must be configured properly to stop threats, whereas our sensors look for patterns in network traffic that indicate threats that are unknown to security vendors, that have changed since the threat actor started a campaign, or whose IOCs have been modified to defeat blocks implemented by network administrators.

In this day and age we all know we need more than firewalls to protect our data, so it's no surprise that NSS Labs would have the same finding that caused us to create our FirstWatch platform in the first place.

References: NSS Labs ranks next-gen firewalls, with some surprises - Kathleen Richards, 19 July 2018
