(EC)DHE cipher suites do not guarantee Forward Secrecy. It depends how the server is configured, is there any way SSLtest can detect this?
"So, to be clear about ECDHE and DHE, the server *CAN* provide perfect
forward secrecy, but it doesn't have to. The "ephemeral key" could
simple be another permanent key (or one of several thousands). It's
important to note that a properly implemented DHE/ECDHE is 3 times
slower than DH or ECDH (The latter does a signature, key gen, and key
derive (each doing one group operation), the former simply does a
derive). This cost is born by the server."
Also it can be killed by Session Tickets:
Is there a way to test for proper Session Tickets implementation?
Btw, I saw that if your browser does not support Session Tickets, the SSL Client test will show a yellow No. I thought that Session Tickets are mainly for decreasing resource usage on servers, or does it also bring security?