Feeds

Vendors complete tougher ICSA 4.0 firewall tests

Segmentation

  • alert
  • submit to reddit

Providing a secure and efficient Helpdesk

ComputerWire: IT Industry Intelligence

ICSA Labs, which provides one of the most important certifications firewall vendors strive for, said yesterday it has completed the first wave of tests of product against version 4.0 of its certification criteria,

writes Kevin Murphy

.

For the first time, ICSA has also split its certification into three categories and is awarding three different certification logos - for residential, small and medium business, and corporate firewall products.

"Firewall vendors didn't want a firewall that costs $100,000 to buy to have the same certification as one costing $200," said ICSA Labs program manager Brian Monkman. "The one-size-fits-all criteria doesn't work any more."

There will be a Baseline Firewall Module certification that all products will be required to pass. On top of that, vendors will submit their firewalls to a category depending on what market they are targeting. Each category has different functionality criteria.

The first products to pass the 4.0 test at the corporate level are: CyberGuard's Firewall Appliance, Novell's BorderManager Firewall, NetScreen's Firewall Family, Intoto's iGateway, Cisco's PIX, GTA's Family of Firewalls, Check Point's Firewall-1 NG on Linux, Nortel's Alteon Switched Firewall and FortiNet's FortiGate Family.

"No product passed in the first round, and some of these products were ones that had previously passed the 3.0 criteria," said Monkman. "A number of vendors had to make significant changes to their products to achieve certification."

He added that a "handful" of vendors did not make the fixes in time to be certified in the first wave, a problem he said appeared to be mainly resource-based. No vendors have yet met the SMB category certification.

One of the main differences between the levels of certification is the default configuration requirement. Residential users want a plug-n-play firewall that lets nothing through it by default, whereas corporate users require greater flexibility and almost certainly want to run a web server and email server behind the firewall.

Among other changes in 4.0 are stricter requirements on logging, handling of protocols including FTP and DHCP, and blocking fragmented packets. The actual tests, which include simulated attacks, have also evolved and are likely to evolve as more methods of attack are discovered.

"If one of my staff, or some yahoo out on the internet, discovers a new way to throw twisted packets at a firewall, we'll look at it, and if there's the potential for penetration we'll work it into the tests," said Al Potter, manager of network security at ICSA Labs.

© ComputerWire

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Hackers thrash Bash Shellshock bug: World races to cover hole
Update your gear now to avoid early attacks hitting the web
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.