“During the NSS Labs 2018 Next Generation Firewall (NGFW) Group Test, the Check Point 15600 Next Generation Threat Prevention (NGTP) Appliance R80.20 failed to detect five evasions and did not pass all of the stability and reliability tests.”
After some tweaking (bug-fix for stability?), NSS Labs published the following:
“After working closely with NSS, Check Point updated its software and released Check Point 15600 Next Generation Threat Prevention (NGTP) Appliance R80.20 OS build 2 (IPS signature: package 635184905). The updated device was subjected to testing under the same NGFW Test Methodology v8.0 and appropriately handled 190 out of the 190 evasions it was tested against. Furthermore, the device passed all stability and reliability tests, improving its exploit block rate by 0.45% and improving performance by 435 Mbps.”
One unfortunate piece I have noticed though is that despite the new test results, the SVM has not been updated: Check Point is still shown to be in the bottom left corner.
So is there a silver lining to this? I suppose one thing that could be said is that it will quiet any of the skeptics that might have suggested that Check Point (and others) have somehow been paying for their results. BTW, as far as paying for results, you should absolutely look at subscribing to the NSS Labs materials: they have information that is actually usable as opposed to some of the other jokers out there.
And finally, in the Check Point R80.20 EA portal there is the following disclaimer at the bottom of the page:
I would like to suggest the following modification (just so there are no future mix-ups):