CRN Home

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

WatchGuard Falls To NGFW Test, Questions Outcome

edited March 2013

imageWatchGuard Falls To NGFW Test, Questions Outcome

Security appliance maker WatchGuard is responding to a test conducted by NSS Labs on its next-generation firewall. The company questions the NGFW test results.

Read the full story here


  • Our ranking on NSS Labs' recent Next Generation Firewall Security Value Map does not accurately portray the performance of our products.

    During the installation, an error in the firmware image required our test engineer to re-download and re-install a different firmware image. This process took 16 hours to accomplish, but was a one-time anomaly. However, during their post-test scoring, NSS Labs multiplied that 16 hours by all 50 hypothetical devices, resulting in an unrealistic score.

    Our customers also use and love our AD integration, a feature we have supported for nearly 5 years. We received a low score in this category and we believe the flaw was in NSS's AD methodology.

    See a case study on our AD performance here:

    WatchGuard’s "Best in Class" model is optimized for Unified Threat Management (UTM) - a step beyond NGFW - because we believe that UTM platforms are where customers see the largest benefit and value. Sometimes this means we don’t fit squarely within traditional categories set up for laboratory tests, but our customers don’t operate within a test lab, they operate in the real world

    We are continuing to improve our product to provide the best possible solutions for our customers and will be seeking independent test results to prove our claims.

    Pat Devlin
    Regional Director
    Watchguard Technologies | Australia & New Zealand
  • Pat -- your company submitted to a NGFW test. Claiming that your product is optimized for UTM as an excuse for poor showing is rather strange. Even stranger is your claim that UTM is "a step beyond NGFW". This tells us you know nothing about your market -- NGFW is the clear successor to UTM. Surely Gartner mentioned this to you at one time or another? Or .... a Google search?

    Also, not sure why all other eight vendors did fine with the AD testbed, given your company's assertion that it was somehow flawed. And most importantly -- sixteen hours to re-install firmware? Do Watchguards need to have their firmware updated via 2400 baud modem?
  • The UTM concept has been around a lot longer than NGFW. That means there’s lot more flavours of UTM than NGFW and a broad spectrum of old and new offerings. The newest UTM offerings have a lot in common with NGFW and are often branded as such. In fact, defining the difference can be tricky. (It’s not just me)

    When it comes to the AD test bed and firmware, the responsibility ultimately lies with us. We have learned from these tests that better communication is needed when submitting products to be tested. As for the firmware, it will generally take one minute to update across all of our products (probably a little longer when using a 2400 baud modem).

    We're extremely confident that our products deliver and they usually achieve excellent results in these tests and we’ve had a harsh reminder about how important it is for us to maintain strong contact with the labs during product testing.
Sign In or Register to comment.