Spirent Communications has announced that NSS Labs used Spirent’s security solutions to test the SSL (secure sockets layer) capabilities of Next Generation Firewalls (NGFW). The NSS test evaluated nine leading NGFW products on the market for security effectiveness, performance, enterprise management capabilities and total cost of ownership.
SSL is a preferred choice for securing web applications. However, it does present some significant challenges for enterprises in that they have to choose between prohibiting the use of SSL on corporate networks or ensure that their security devices can handle inspection of encrypted traffic at realistic rates.
NSS Labs worked closely with Spirent to validate of the SSL traffic portion of the 2013 NGFW Group Test. The test used Spirent Avalanche to determine the NGFW’s ability to intercept, decrypt, process and re-encrypt HTTPS traffic at various network loads and with different cipher sizes.
‘By adding Spirent equipment to our test harness we were able to generate high volumes of encrypted traffic, allowing us to validate the ability of security devices to decode and inspect SSL traffic under load,’ explained Bob Walder, chief research officer of NSS Labs.
‘With a majority of online transactions moving towards SSL-based encrypted traffic, communications have become secure but it adds a lot more stress on network,’ said Ankur Chadda, product marketing manager at Spirent Communications. ‘Testing for SSL gives IT professionals the empirical data to understand how many users are on the network or if consumer devices can be supported securely.’