
NGFW Egress C2 Test: Assessing the Effectiveness of Outgoing Network Traffic Prevention and Detection Capabilities

In June 2023, AV-Comparatives conducted an NGFW Egress C2 Test to evaluate the effectiveness of NGFW products in detecting and preventing malicious traffic. In targeted attacks, one of the goals of APT groups is to establish control over a compromised system by opening a command-and-control channel (C2) to the command-and-control server operated by the attacker. If the attacker has already gained access to the system via a trusted relationship, or has delivered malware using phishing or USB drives, they can use C2 malware to open the C2 channel.

No product got certified in the NGFW Egress C2 Test of 2023

In this test, AV-Comparatives focused on how effectively NGFW products detect and prevent outgoing network traffic from inside to outside the network, using various communication channels and protocols such as TCP, HTTP and DNS. Certification reports are published only for vendors who achieved the certification (i.e. where all malicious traffic was blocked). Non-certified vendors received feedback in order to improve their product. Sadly, none of the products submitted in 2023 for this certification passed the test. However, the purpose of this focus test is to help vendors improve their products by addressing the discovered issues before bad actors find and use them.

By providing this valuable information to the vendors, AV-Comparatives aims to ensure that both users and vendors benefit from the outcomes of such tests. In conclusion, AV-Comparatives will continue to conduct tests like these to provide valuable insights into the effectiveness of endpoint security solutions, NGFWs, and other security products so that users and vendors can enhance security measures and make the digital world safer for everyone.