1 / 14

The Value of ICSA Labs Network IPS Testing

The Value of ICSA Labs Network IPS Testing. Jack Walsh, ICSA Labs, Panel Moderator Panelists: Dr. Terence Liu, BroadWeb Corporation Chris Simmons, Fortinet Inc. Benny Benegal, IBM Internet Security Systems Brian Smith, TippingPoint, a division of 3Com . 2/7/07 – Session Code: DEF-202.

lowell
Download Presentation

The Value of ICSA Labs Network IPS Testing

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. The Value of ICSA Labs Network IPS Testing Jack Walsh, ICSA Labs, Panel Moderator Panelists: Dr. Terence Liu, BroadWeb Corporation Chris Simmons, Fortinet Inc. Benny Benegal, IBM Internet Security Systems Brian Smith, TippingPoint, a division of 3Com . 2/7/07 – Session Code: DEF-202

  2. Agenda • Background on ICSA Labs & Network IPS Testing program • Questions for the panel • Audience questions for the panel

  3. Background on ICSA Labs • Founded in 1989 • Security industry’s central authority for certification testing • Testing products and solutions since 1991 • Vendor neutral • ISO 9001:2000 Certified • Test security products from technologies that include: • Anti-Virus, Firewall, IPsec VPN, SSL VPN, Anti-Spyware, and Web Application Firewall products

  4. Network IPS Testing - History • First Round • Began late 2005 • Ended June 2006 • Since then • Network IPS testing is ongoing against all candidate devices • New vendors have submitted products for testing • Aperiodic Testing • Largely because of Vulnerability Set updates • Certified products must maintain certification

  5. ICSA Labs Network IPS Certified • Four Vendors have certified Network IPS devices • BroadWeb’s NetKeeper 3256P • Fortinet’s FortiGate Multi-Layered Security Systems (13 models) • IBM Internet Security Systems’ Proventia G400 Network IPS • TippingPoint’s TippingPoint 5000E

  6. Network IPS Testing - Key Characteristics • Real Background traffic • Test vulnerabilities relevant to enterprise end users • Includes DoS testing • Independent, Objective & Pass/Fail • Test critical capabilities simultaneously • Continuous Deployment – aperiodic testing • Testing Program – provides assurance to enterprise users

  7. Panel Question #1 • Some organizations already have host or network based IDS, SIMS, Network analysis tools, and other security management systems in place. What considerations must be made for a network IPS to fit into an organization's current environment?

  8. Panel Question #2 • When end user organizations evaluate a Network IPS, should they do more than test what attacks it can block? If so, why? If not, why not?

  9. Panel Question #3 • What are some common pitfalls for end users to avoid when evaluating Network IPS devices?

  10. Panel Question #4 • Businesses may be reluctant to enable not just attack detection but also attack prevention due to vendor trust issues and the fear of breaking legitimate applications. How can such businesses gain more confidence that Network IPS devices will not adversely affect legitimate network traffic?

  11. Panel Question #5 • Describe your experience with ICSA Labs' Network IPS certification testing?

  12. Panel Question #6 • What did you find different about ICSA Labs Network IPS certification testing as compared to other third-party testing programs?

  13. Panel Question #7 • Given the rapidly evolving nature of threats, does ICSA Labs certification testing quantify clearly enough the types of protections that must be provided to have value in the marketplace?

  14. Panel Question #8 • What recommendations would you make to end users or other Network IPS vendors about ICSA Labs Network IPS certification testing?

More Related