#United States #Austin #Google Cloud #CyberRatings #GCP NGFW

Google Cloud Platform's Next-Generation Firewall Test

A new evaluation of Google Cloud Platform's Next-Generation Firewall (GCP NGFW) has unveiled significant improvements in its security performance. Conducted by CyberRatings.org, a non-profit dedicated to enhancing cybersecurity confidence through independent testing, this evaluation marks a follow-up to a previous assessment completed in November 2024. The findings reveal an impressive leap in the security effectiveness score, climbing from a lackluster 50.57% to a robust 86.97%.

The Journey to Improvement

CEO Vikram Phatak of CyberRatings.org noted that the results from the earlier November test took both the cybersecurity community and Google's product team by surprise. Recognizing the need for improvement, Google's team inquired about potential enhancements to their firewall system and followed expert recommendations from CyberRatings.org. A key adjustment included modifying the default behavior of the firewall, which enhanced its defensive capabilities.

Understanding the Changes

The increased effectiveness stemmed from Google's implementation of the recommended changes, which focused on refining how the firewall managed vulnerabilities. Previously, the firewall was set to merely signal alerts for lower severity vulnerabilities while only fully blocking high-severity threats. With the adjusted settings, the firewall began proactively blocking threats across a broader scopes of vulnerabilities, specifically exploits that could harm server and cloud workloads.

Enhanced Test Results

In the recent testing, the firewall demonstrated its enhanced capacities against a barrage of exploits, utilizing the KeySight CyPerf 5.0 strikes library. This assessment focused solely on known Common Vulnerabilities and Exposures (CVEs) identified over the past decade that were rated medium or higher in severity. The testing, which evaluated both the original firewall settings and those based on CyberRatings recommendations, yielded the following results:


These figures highlight the tremendous impact of employing tailored security settings on improving overall firewall performance.

Industry Perspectives

Ian Foo, Chief Technology Officer and Executive Vice President of Product at CyberRatings.org, remarked, "This improvement underscores the value of fine-tuning security settings based on vendor best practice recommendations to maximize protection." The collaboration between CyberRatings and Google exemplifies how effective communication and shared objectives can lead to favorable results in cyber defense strategies.

Looking Ahead

The latest test for GCP is part one of a comprehensive two-part evaluation. The next phase scheduled for publication in March will assess a larger variety of exploits, including evasion techniques and malware threats, following the Cloud Network Firewall Methodology v3.0. This upcoming report will contrast native solutions from various cloud service providers with leading third-party firewalls, providing a deeper insight into the security landscape.

Enterprises seeking to replicate these findings are encouraged to utilize Keysight's CyPerf testing platform, which offers a two-week free trial. More details concerning Keysight’s offerings can be found on their website, further empowering organizations to enhance their cybersecurity frameworks.

CyberRatings.org is committed to providing independent assessments of cybersecurity tools, helping organizations worldwide to make informed and confident cybersecurity decisions. To view the full test report or to learn more about their methodology, visit their official website.