Testing protection against fully featured attacks

Our Advanced Security test is unique, in that we test products by running a full attack. We follow every step of a breach attempt to ensure that the test is as realistic as possible. In this test we assess the capabilities of the Cisco Secure Firewall 4225.

Loading…

Taking too long?

Reload document

| Open in new tab

Download

Factsheet

Cisco Secure Firewall 4225

Early Protection Systems

There are many opportunities to spot and stop attackers. Products can detect them when attackers send phishing emails to targets. Or later, when other emails contain links to malicious code. Some kick into action when malware enters the system. Others sit up and notice when the attackers exhibit bad behaviour on the network.

Regardless of which stages your security takes effect, you probably want it to detect and prevent before the breach runs to its conclusion in the press.

Our Advanced Security test is unique, in that we test products by running a full attack. We follow every step of a breach attempt to ensure that the test is as realistic as possible.

This is important because different products can detect and prevent threats differently.

Ultimately you want your chosen security product to prevent a breach one way or another, but it’s more ideal to stop a threat early, rather than watch as it wreaks havoc before stopping it and trying to clean up.

Some products are designed solely to watch and inform, while others can also get involved and remove threats either as soon as they appear or after they start causing damage.

For the ‘watchers’ we run the Advanced Security test in Detection mode. For ‘stoppers’ like Cisco Secure Firewall 4225 we can demonstrate effectiveness by testing in Protection Mode.

In this report we look at how Cisco Secure Firewall 4225 handled full breach attempts. At which stages did it detect and protect? And did it allow business as usual, or mis-handle legitimate applications?

Understanding the capabilities of different security products is always better achieved before you need to use them in a live scenario. SE Labs’ Advanced Security test reports help you assess which are the best for your own organisation.

How we test the Cisco Secure Firewall 4225

SE LABS tested Cisco Secure Firewall 4225 against targeted attacks based on Threat Series: 9

These attacks are designed to compromise systems and penetrate target networks in the same way as the advanced persistent hacking groups known as Scattered Spider and APT29 operate to breach systems and networks.

Full chains of attack were used, meaning that testers behaved as real attackers, probing targets using a variety of tools, techniques and vectors before attempting to gain lower-level and more powerful access. Finally, the testers/attackers attempted to complete their missions, which might include stealing information, damaging systems and connecting to other systems on the network.

Choose your reports and reviews carefully

Testing protection against fully featured attacks

Our Advanced Security test is unique, in that we test products by running a full attack. We follow every step of a breach attempt to ensure that the test is as realistic as possible.

Loading…

Taking too long?

Reload document

| Open in new tab

Download

Factsheet

VMware vDefend Advanced Threat Prevention

SE Labs tested VMware NSX Network Detection and Response against a range of hacking attacks designed to compromise systems and penetrate target networks in the same way as criminals and other attackers breach systems and networks.

VMware NSX Breach Response Test

Full chains of attack were used, meaning that testers behaved as real attackers, probing targets using a variety of tools, techniques and vectors before attempting to gain lower-level and more powerful access. Finally, the testers/attackers attempted to complete their missions, which might include stealing information, damaging systems and connecting to other systems on the network.

Loading…

Taking too long?

Reload document

| Open in new tab

Download

Tested products from:

VMware

APT groups include:

• FIN7 & Carbanak
• OilRig
• APT3
• APT29