NSS Labs Intrusion Prevention Tests: Did Your Vendor Partner Pass?


Juniper Networks' SRX intrusion prevention system appliance struggled to perform in tests conducted by NSS Labs, receiving the only "caution" rating from the firm among a field of nine other products.

NSS Labs, an Austin, Texas-based information security research and testing company, evaluated 10 intrusion prevention systems in total -- Check Point Software Technologies, Dell SonicWall, Fortinet, HP TippingPoint, IBM, Juniper, McAfee (with two appliances), Sourcefire and Stonesoft -- for security effectiveness, performance and enterprise management capabilities. NSS Labs used its test results to establish an overall score and determine a total cost of ownership of the appliances. The findings were released last week.

The Juniper SRX 5800 appliance received below-average marks, receiving an 89.2 percent effectiveness score, having blocked 90.3 percent of attacks against server applications and 88.3 percent of attacks against client applications in NSS Labs testing.

Juniper's appliance has been a mainstay in many large telecommunications and enterprise environments and is known for its expensive price tag, but it also carried the distinction of providing security without impacting network traffic performance, said Rob Ayoub, research director at NSS Labs.

[Related: Juniper Software Boss Muglia Latest Top Exec To Depart]

"Juniper was addressing throughput in environments where other vendors failed to address, giving them a strong history as an industry leader for a long time," Ayoub said. "From an industry perspective they keep assuring the community that they are doing some revamping and working on improvements."

A Juniper spokesperson did not return a request for comment to CRN.

Juniper has had a long presence in enterprise data centers with many businesses standardizing on Juniper equipment, said Joe Miller, vice president and owner of Wilder, Ky.-based Key Solutions, a Juniper partner. Independent test results are one of many different factors for businesses to evaluate products, Miller said, adding that his firm advises clients on networking products from a variety of companies.

"Juniper may not always be the first line that we go to when a customer needs network security gear," Miller said. "We are constantly advising clients and work with them to identify what will most benefit their unique environments."

HP TippingPoint received a 91.1 percent score for its S7500NX appliance, and Fortinet received a 93.8 percent effectiveness rating for its Fortigate 3600C appliance.

Some solution providers have told CRN that their confidence in Juniper's security business had been shaken following quality issues associated with its SRX services gateway line in 2011. Juniper's security business, meanwhile, saw revenue for the fourth quarter decline 7 percent year over year to $157 million, according to Juniper’s financial results reported Thursday.

In an earlier interview with CRN before the NSS Labs results were released, Karim Toubba, vice president of global security channels at Juniper, said that any product-related issues or quality have been addressed. The company is focused with a very clear and differentiated story in the data center, Toubba said.

"I think it's important because for many of our partners, and especially the ones that focus on the enterprise, the data center is really sort of the key to the kingdom of the enterprise and where they store the data," Toubba said. "Security becomes a paramount discussion and paramount piece of the puzzle."

NEXT: Four Vendors Receive NSS Labs' 'Recommended' Rating