Feeds

Vendors complete tougher ICSA 4.0 firewall tests

Segmentation

  • alert
  • submit to reddit

Next gen security for virtualised datacentres

ComputerWire: IT Industry Intelligence

ICSA Labs, which provides one of the most important certifications firewall vendors strive for, said yesterday it has completed the first wave of tests of product against version 4.0 of its certification criteria,

writes Kevin Murphy

.

For the first time, ICSA has also split its certification into three categories and is awarding three different certification logos - for residential, small and medium business, and corporate firewall products.

"Firewall vendors didn't want a firewall that costs $100,000 to buy to have the same certification as one costing $200," said ICSA Labs program manager Brian Monkman. "The one-size-fits-all criteria doesn't work any more."

There will be a Baseline Firewall Module certification that all products will be required to pass. On top of that, vendors will submit their firewalls to a category depending on what market they are targeting. Each category has different functionality criteria.

The first products to pass the 4.0 test at the corporate level are: CyberGuard's Firewall Appliance, Novell's BorderManager Firewall, NetScreen's Firewall Family, Intoto's iGateway, Cisco's PIX, GTA's Family of Firewalls, Check Point's Firewall-1 NG on Linux, Nortel's Alteon Switched Firewall and FortiNet's FortiGate Family.

"No product passed in the first round, and some of these products were ones that had previously passed the 3.0 criteria," said Monkman. "A number of vendors had to make significant changes to their products to achieve certification."

He added that a "handful" of vendors did not make the fixes in time to be certified in the first wave, a problem he said appeared to be mainly resource-based. No vendors have yet met the SMB category certification.

One of the main differences between the levels of certification is the default configuration requirement. Residential users want a plug-n-play firewall that lets nothing through it by default, whereas corporate users require greater flexibility and almost certainly want to run a web server and email server behind the firewall.

Among other changes in 4.0 are stricter requirements on logging, handling of protocols including FTP and DHCP, and blocking fragmented packets. The actual tests, which include simulated attacks, have also evolved and are likely to evolve as more methods of attack are discovered.

"If one of my staff, or some yahoo out on the internet, discovers a new way to throw twisted packets at a firewall, we'll look at it, and if there's the potential for penetration we'll work it into the tests," said Al Potter, manager of network security at ICSA Labs.

© ComputerWire

The essential guide to IT transformation

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
Think crypto hides you from spooks on Facebook? THINK AGAIN
Traffic fingerprints reveal all, say boffins
prev story

Whitepapers

A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.