AV-TEST evaluates Cisco Umbrella, Secure Web Gateway, DNS Layer Security and DNS Tunneling

Between June and September 2022, AV-TEST conducted a review of the secure web gateway (SWG), DNS-layer security, and DNS tunneling capabilities of Cisco Umbrella against comparable offerings from Cloudflare, DNSFilter, Iboss, Infoblox, Netskope, Palo Alto Networks, Skyhigh Security (formerly McAfee), and Zscaler.

The scope of this test focused on the secure web gateway and DNS-layer security, including the ability to detect and block DNS tunnels. The test was commissioned by Cisco and conducted by AV-TEST to determine the malware and phishing blocking capabilities of the various providers, as well as DNS tunneling protection.

To ensure a fair review, Cisco, as the sponsor, did not provide any samples (such as malicious or clean samples, URLs, or associated metadata) and had no influence or prior knowledge of the samples tested or the testing methodology. All products were configured to provide the highest level of protection for the specific test cases, using security-related features available at the time of testing.

The first and second parts of the test focused on the detection rate for links pointing directly to malicious portable executable (PE) files, referred to as "malware" (e.g., EXE files), links pointing to other forms of malicious files (e.g., HTML, JavaScript), and phishing URLs. A total of 3682 malicious samples were used for the secure web gateway test. The DNS-layer security test covered 3154 objects. All tested malicious links and samples were verified by AV-TEST as recent and active.

In these test cases, AV-TEST also evaluated the false positive ratings of each provider. AV-TEST evaluated known application downloads from HTTP and HTTPS websites. An additional false positive test was performed against known popular clean websites from the main Alexa list. A total of 2,984 clean websites and downloads were used.

The third part of the test focused on testing the ability of the solutions to protect against the exfiltration of malicious data sent through DNS tunnels.

The results?

For the third time in a row, Cisco outperformed the competition and ranked No. 1 with industry-leading security effectiveness.

Cisco commissioned this test to determine how well vendors protect against malware, phishing sites, malicious websites and DNS tunneling. This report covers:

  • The methodology behind sample testing
  • The total malicious file detection rate for each vendor.
  • Validation of the effectiveness of Cisco Umbrella DNS and SWG layer security and DNS tunneling protection.

The following products and associated packages were tested:

  • Cisco Umbrella – SIG Advantage
  • Netskope – Secure Web Gateway
  • Zscaler – Internet Access Transformation
  • Palo Alto Networks – Prisma Access for Mobile Users
  • Skyhigh Security – Secure Web Gateway
  • Iboss – Zero Trust Edge

All services were configured to provide the highest level of protection, using all security-related features available at the time of testing.
Testing focused on protection against zero-day threats.

Solutel is your cybersecurity company if you want a secure network and effective information security to deal with threats.

Security efficacy results

In the first part of the test, secure web gateway solutions were tested. A secure web gateway is based on a full web proxy that inspects all web connections. Unlike DNS layer security, which only analyzes domain names and IP addresses, a web proxy inspects all aspects of the connection and payload.
For the secure web gateway tests, the evaluated products listed below achieved the following blocking and false positive rates (ordered by best block detection rate):
