NGFW Egress C2 Certification – Bitdefender GravityZone Business Security Enterprise

Introduction

Every year, AV-Comparatives provides a focus pen-test, to which vendors can apply to get certified. This year we focus on “NGFW Egress C2” (Command and Control). Certification reports are published only for vendors who achieved the certification (i.e. where malicious traffic was blocked). Non-certified vendors received feedback in order to improve their product.

One of the most important aims of a targeted attack/APT is to establish control over a compromised system in the targeted network. Therefore, malicious software (malware) is often used to open a command-and-control channel (C2) to the command-and-control server, which is operated by the attacker. If the attacker already has access to the system (via trusted relation or valid account) or was able to deliver malware by e.g. phishing or USB drive, they will then use C2 malware to open the C2 channel. The installed endpoint security product builds the first line of defence, but even the best products can be bypassed by APT groups. This means that the malicious-traffic prevention and detection capabilities of NGFWs are becoming more and more important. Therefore, we want to introduce the NGFW Egress C2 Test to check the effectiveness of NGFW products.

In most cases, firewalls provide very good protection against outside-to-inside attacks (i.e. attempts to penetrate the network from outside). However, when a targeted attack tries to open a C2 channel, the network traffic initially flows from inside to outside. Therefore, we will focus in this test on the outgoing network traffic prevention and detection capabilities in the context of well-known C2 products and C2 ransomware profiles.

At the end of the test, each vendor received a short report, showing the results of the different test phases. The main goal of this test is to measure the effectiveness of the outgoing network traffic prevention/detection capabilities in each product, and to help to improve them where necessary.

Deliverables

In case of a miss the vendor receives:

• Wireshark Log
• Screen recording
• Product logs

Tested Products

In this test, the following up-to-date and latest publicly available product was submitted by the vendor and tested in November 2025:

• Bitdefender GravityZone Business Security Enterprise 7.9

Settings

In business environments, and with business products in general, it is usual for products to be configured by the system administrator in accordance with vendor’s guidelines, and so we invited all vendors to configure their respective products.

Below we have listed the product settings applied by the vendor.

Bitdefender: all detection/protections technologies were disabled, except for the network: Antimalware disabled, Sandbox Analyzer disabled, Exchange Protection disabled, Antispam disabled, Incident Sensor disabled, Blocklist disabled. In Network Protection, everything was enabled and set to block.

Test Procedure

In this test, our focus is on evaluating whether it is possible to bypass NGFWs and open a stable C2 channel. Therefore, we will focus on the network traffic prevention capabilities in context of well-known C2-frameworks, C2-ransomware profiles etc.

How is a stable C2 defined for this test?

A command-and-control channel that isn’t prevented by the NGFW and the attacker/tester can use the C2 channel for stable post-exploitation activities that are executed over the C2 channel using the appropriate C2 framework.

Scope

For certification purposes, we assess whether it has been possible to open a stable C2 without getting blocked by the NGFW product.

For example:​

• Trick Bot C2 traffic was prevented → This is our result​.
• TCP Meterpreter traffic wasn’t prevented → This is our result.

 Out of Scope

AV, EPP and EDR evaluation as first line of defense is out of scope. The focus is not on execution prevention; instead, the test concentrates only on C2 traffic prevention. No AV, EPP or EDR solutions will be installed on the Windows endpoint, or at least no endpoint protection related modules or features will be enabled. AV, EPP and EDR products may participate, but only their network-based prevention and detection modules are allowed to be active. Signature-based and behavior-based malware prevention or detection features are not in scope and must remain disabled.

 ​Configuration

Any product-specific C2-traffic protection should be enabled by each vendor, for example:​

• Block well-known ransomware C2-profiles (IOCs)​
• Block C2-traffic from well-known C2-frameworks (IOCs)​
• Configuration must be validated and accepted by AV-Comparatives​
• Not practicable configurations are not allowed.
• The configuration will be disclosed in the report.

Test Results

In order to be approved by AV-Comparatives for NGFW Egress C2 protection, all malicious traffic scenarios run during the test must be blocked. We simulated different types of malicious Command and Control (C2) traffic, to test whether or not the NGFW / network protection successfully blocks the respective C2 traffic.

Only products which were submitted for the NGFW Egress C2 Test, and which passed the test, are published. Bitdefender GravityZone Business Security Enterprise reached the certification requirements, i.e. it blocked all the malicious traffic used in this test. No other product was certified this year. This test will be offered again in 2026.

Successfully blocked all the malicious C2 traffic scenarios used in this test.

 

The following HTTP command and control traffic profiles have been tested against:

1.	Meterpreter
2.	Etumbot
3.	Havex
4.	POSeidon
5.	Trick_Ryuk
6.	Emotet
7.	Trickbot
8.	Gandcrab
9.	Bazarloader
10.	Covid19_Koadic

 

Notes: In scenarios 8 (Grandcrab) and 9 (Bazarloader), a stable C2 channel could be established, but all post-exploitation communication was successfully blocked.

Copyright and Disclaimer

This publication is Copyright © 2025 by AV-Comparatives ®. Any use of the results, etc. in whole or in part, is ONLY permitted after the explicit written agreement of the management board of AV-Comparatives prior to any publication. AV-Comparatives and its testers cannot be held liable for any damage or loss, which might occur as result of, or in connection with, the use of the information provided in this paper. We take every possible care to ensure the correctness of the basic data, but a liability for the correctness of the test results cannot be taken by any representative of AV-Comparatives. We do not give any guarantee of the correctness, completeness, or suitability for a specific purpose of any of the information/content provided at any given time. No one else involved in creating, producing or delivering test results shall be liable for any indirect, special or consequential damage, or loss of profits, arising out of, or related to, the use or inability to use, the services provided by the website, test documents or any related data.

For more information about AV-Comparatives and the testing methodologies, please visit our website.

AV-Comparatives
(December 2025)