JANUARY 19, 2009

Firewall Testing Methodology Published

At the end of the year we held our firewall testing webcast which drew a nice crowd and a very interactive conversation about the need to update firewall testing methods. In that effort BreakingPoint has published its firewall testing methodology. The quote from BreakingPoint CTO Dennis Cox in the news release gives a nice summary:

“Firewalls are complex devices that no longer simply look at TCP headers or IP packs; today they incorporate technologies such as rate shaping and deep packet inspection. At the same time, Firewall testing failures and their subsequent performance and security problems in deployment has led to a reexamination of testing methods and even testing tools. People are beginning to realize that to test any network device, including Firewalls, you must provide the most realistic testing environment possible. The Firewall in your network will need to handle stateful application traffic, dynamic rule sets, live exploit tests, realistic device configuration, increasing data speeds and probably much more. You need to be testing the device in the exact same way.”

Download the firewall testing methodology.

As we discussed after publishing the DPI Testing Methodology and the IPS Testing Methodology, we look forward to your feedback on the methodology.