In the first-ever third-party testing of cloud network firewalls, Fortinet FortiGate-VM earned the highest possible rating of AAA in all five categories of a test by CyberRatings, an independent, nonprofit member organization that provides transparency and expert guidance on cybersecurity risks via research and testing programs.
The CyberRatings “scorecard” for the Fortinet Cloud Network Firewall states, “Security Effectiveness was excellent; Fortinet blocked 35 out of 35 evasion techniques, 977 out of 977 exploits, and passed all the stability and reliability tests.”
Fortinet Continues to Raise the Bar for NGFWs Across the Infrastructure
Below is a summary of the Fortinet scores in the five testing categories of the CyberRatings test:
- Management and Reporting Capabilities
- Routing and Policy Enforcement
- SSL/TSL Functionality
- Threat Prevention
- Performance
Efficient Routing and Policy Enforcement
Proper routing and policy enforcement is critical to secure perimeters and ensure compliance of the IT infrastructure in hybrid and cloud deployments. They encompass segmentation and access control of different virtual networks on the cloud and in the virtual data center.
FortiGate-VM received the highest possible rating (AAA) for all CyberRatings’ Routing and Policy Enforcement tests, ranging from simple to complex policies. IT teams can use FortiGate-VM to apply proper segmentation, ensuring isolation and protection of internet-facing zones (north-south perimeter). And they can also use appropriate access control to filter traffic in environments with multiple zones (east-west perimeter) at different trust levels.
Robust SSL/TLS Functionality
About 80% of internet traffic is encrypted and almost all e-commerce websites use HTTPS traffic. It is imperative that firewalls protecting IT assets correctly decrypt SSL/TLS traffic to inspect and make policy-based decisions. The TLS 1.2 and 1.3 cipher suites tested by CyberRatings are used by 98% of all websites.
FortiGate-VM received the highest rating possible (AAA) for preventing insecure ciphers, decrypting, and inspecting SSL/TLS traffic to block prohibited content, and improving performance by reusing TLS sessions.
Highest Level of Threat Prevention
As organizations shift to more hybrid IT architectures, spanning from on-premises to the cloud, the attack surface continues to expand. And with threats more advanced and persistent than ever before, the protection against known and unknown exploits and attacker tactics becomes even more paramount.
FortiGate-VM received an AAA rating for blocking 100% of all exploits and evasions in the threat prevention tests. Organizations can use FortiGate-VM to protect trusted networks from untrusted networks while allowing only authorized communications to pass—thereby facilitating secure business use of the internet.
Strong Management and Reporting Capabilities
One of the key concerns for organizations adopting cloud is management and operational complexity. IT teams need solutions that enable them to apply consistent policies across on-premises and cloud deployments. It is vitally important for cloud network firewalls to have management and reporting capabilities that support authentication, including role-based access control, as well as policies for customization, logging, alert handling, summary reporting, and change control.
FortiGate-VM received the top AAA rating from CyberRatings for the Management and Reporting Capabilities section of their test. FortiGate-VM firewall rules and device configuration can be managed using native web interface. Alternately, the FortiManager management application can be used for larger deployments with tens or hundreds of FortiGate-VMs and physical firewalls.
Excellent NGFW Price/Performance (TCO)
Unlike Fortinet, many other cloud network firewall vendors lack the performance needed to deliver effective security at an optimal price point. In many cases they must scale out to many instances even to deliver a minimum level of performance that does not impact user experience, driving up operational costs.
Again, Fortinet received top scores in the CyberRatings Performance category. Because we believe that effective security should not break budgets, the FortiGate-VM cloud network firewall supports virtual SPU (security processor) technology that applies packet acceleration and other optimizations to deliver significant performance advantages at an optimal cost point. With Fortinet, organizations can right-size their investment without compromising security on the cloud.
At the Foundation of Integrated Cloud Security
Not only has Fortinet been validated as a top-flight achiever across CyberRatings’ five categories, as well as by other reviews in the past, we have also designed our solutions to interoperate as part of our unique Fortinet Security Fabric, comprised of a broad portfolio of converged networking and security offerings across endpoints, networks, and clouds. By connecting FortiGate-VM to the Fortinet Security Fabric, we can support hybrid networks (on-premises and in the cloud) and multi-cloud environments.
IT teams struggle to address the many challenges that come with cloud network security. They must deal with architectural complexities like elastic scaling, management complexities with multiple consoles for different security aspects like NGFW, NAT, logging, SSL VPN, IPsec VPN, etc., and fragmented policies between on-premises and cloud deployments. Fortinet simplifies all aspects of network security management and operations in the cloud.
Powered by FortiGuard services, FortiGate-VM delivers a consistent and agile network security solution that keeps up with the dynamic cloud environment through deep cloud-native integrations with AWS, Azure, Google Cloud, and Alibaba Cloud. It also secures virtual data center environments through seamless integrations with software-defined network platforms like VMware, Nutanix, OpenStack, and others.
For large-scale cloud and virtual data center environments with many FortiGate-VM virtual firewalls and/or FortiGate physical firewalls, FortiManager can be used as a single pane of management, and FortiAnalyzer can be used for deep visibility into security events.
FortiGate-VM deployed in the Security Fabric with other Fortinet security technologies and third-party products delivers full visibility and control across the entire attack surface in the cloud—helping reduce risk, improving compliance, increasing operational efficiency, and optimizing costs.
Commitment to Third-party Testing
Fortinet is committed to third-party testing because we know it can aid customers in the decision-making process. IT teams are always searching for the vendor that can best support their security needs, but they have to wade through marketing materials—all claiming the superiority of their solutions.
The problem is that no two vendors use the same standards for marketing the performance and functionality of their solutions, so window shopping is nearly impossible. When it comes to security, the stakes are extremely high. This is why we believe independent, unbiased third-party nonprofits like CyberRatings are invaluable.
Unbiased Ratings, Reports, and Advice
The CyberRatings team has a unique combination of experience and breadth of knowledge with three decades of security-product testing expertise and proficiency. It provides unbiased ratings, technical reports, and expert advice to help organizations understand their cyber-vulnerability profile.
CyberRatings has well-established relationships with most large and small security vendors and has built a strong trust with vendors and enterprises. As a result, its tests are designed and conducted to the highest technical standards with meaningful independence.
Download the CyberRatings Cloud Network Firewall Report and learn why FortiGate-VM should be an essential part of your cloud network security.