Feeds

Vendors complete tougher ICSA 4.0 firewall tests

Segmentation

  • alert
  • submit to reddit

Using blade systems to cut costs and sharpen efficiencies

ComputerWire: IT Industry Intelligence

ICSA Labs, which provides one of the most important certifications firewall vendors strive for, said yesterday it has completed the first wave of tests of product against version 4.0 of its certification criteria,

writes Kevin Murphy

.

For the first time, ICSA has also split its certification into three categories and is awarding three different certification logos - for residential, small and medium business, and corporate firewall products.

"Firewall vendors didn't want a firewall that costs $100,000 to buy to have the same certification as one costing $200," said ICSA Labs program manager Brian Monkman. "The one-size-fits-all criteria doesn't work any more."

There will be a Baseline Firewall Module certification that all products will be required to pass. On top of that, vendors will submit their firewalls to a category depending on what market they are targeting. Each category has different functionality criteria.

The first products to pass the 4.0 test at the corporate level are: CyberGuard's Firewall Appliance, Novell's BorderManager Firewall, NetScreen's Firewall Family, Intoto's iGateway, Cisco's PIX, GTA's Family of Firewalls, Check Point's Firewall-1 NG on Linux, Nortel's Alteon Switched Firewall and FortiNet's FortiGate Family.

"No product passed in the first round, and some of these products were ones that had previously passed the 3.0 criteria," said Monkman. "A number of vendors had to make significant changes to their products to achieve certification."

He added that a "handful" of vendors did not make the fixes in time to be certified in the first wave, a problem he said appeared to be mainly resource-based. No vendors have yet met the SMB category certification.

One of the main differences between the levels of certification is the default configuration requirement. Residential users want a plug-n-play firewall that lets nothing through it by default, whereas corporate users require greater flexibility and almost certainly want to run a web server and email server behind the firewall.

Among other changes in 4.0 are stricter requirements on logging, handling of protocols including FTP and DHCP, and blocking fragmented packets. The actual tests, which include simulated attacks, have also evolved and are likely to evolve as more methods of attack are discovered.

"If one of my staff, or some yahoo out on the internet, discovers a new way to throw twisted packets at a firewall, we'll look at it, and if there's the potential for penetration we'll work it into the tests," said Al Potter, manager of network security at ICSA Labs.

© ComputerWire

Boost IT visibility and business value

More from The Register

next story
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
Putin: Crack Tor for me and I'll make you a MILLIONAIRE
Russian Interior Ministry offers big pile o' roubles for busting pro-privacy browser
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.