Zscaler Cloud Web Gateway Test

downloaded files from the sample URLs and notified the Zscaler Gateway after each URL. The Gateway allow or blocked the URL traffic. Webserver Malware-Collection Zscaler Cloud Web Gateway Router VPN Tunnel VPN Tunnel WWW AV-Test Client Figure 4: Test platform overview 3 Testing methodology AV-TEST received preconfigured appliances from Zscaler and was supported by a Zscaler engineer to setup the appliances. 1. Internet Access. The appliances had access to the Internet at all times in order to use any inthe-cloud queries. 2. Product Configuration. The product was run with the configuration supplied by Zscaler. The appliance was able to perform automatic signature updates all the time. 3. Testing. All files, except for the malicious URLs, were downloaded via http from the webserver to the client system using a Java client. For the URL testing, an additional client with direct internet access has been used to download the reference samples from the Internet. 4. Analysis. The downloaded files were compared with the original files (reference files at URL testing) by MD5 hash. For verifying the results, the appliance report files were analyzed. The static set of files consisted of 11,567 malicious PE files (Prevalent Malware).The dynamic tests were performed using 6,049 working malicious URLs. Test Results Test #1: Real World protection rate Real World threats are typically identified through the Web Gateways ability to open up content for inspection coupled with whatever proactive scanning abilities and cloud intelligence a vendor may provide. A block can be based on URL filtering or Web Reputation services, by signatures or heuristic scanning of the provided content, and other inspection and filtering technologies. In this case 5892 of the 6049 malicious URLs were blocked. With this results Zscaler Web Gateway has a good protection rate of 97.40%. Test #2: Sandbox detection rate The total number of malicious samples tested was 11,567. This includes the following number of samples: 770 Backdoors, 558 Bots, 477 Trojan Downloader, 532 Trojan Dropper, 7,993 Trojan Generic, 179 Trojan Password Stealer, 733 Viruses, 211 Worms, 114 Rogue Software as well as 3,059 potentially unwanted applications (PUA). This test focuses on the generic malware detection and blocking capabilities, especially on the signature-based detection as well as generic and heuristic technologies. 4
Please complete the form to gain access to this content