The Test Insider Newsletter Takes a Look at Cyber Security

Our blog is a great source of information and many of you know about our Twitter feed and LinkedIn Group. Today we sent out Volume VI of our email newsletter, "The Test Insider", a resource perhaps you had not known about. To introduce you to The Test Insider I have reprinted half of the stories from the newsletter below. Check it out and if you are interested you can sign up to receive The Test Insider on a regular basis (not to mention we'll ship you our Layer 2-7 testing poster).

Test Insider Volume VI:

"Critical Role of Resiliency Testing to Federal Cyber Security"

The U.S. Government is facing challenges on many different fronts, both foreign and domestic. With so many different simultaneous challenges are we in danger of ignoring perhaps the greatest threat; the gaping holes and vulnerabilities evident in the nation’s cyber infrastructure? The time is now to test the resiliency of the network devices, application servers and overall services provided by the U.S. cyber infrastructure.

In our continuing effort to provide the latest in testing techniques, we have dedicated this volume of The Test Insider to discuss ways in which you can test for network resiliency and help in the cyber security mission. We have compiled articles that tackle the challenges of staying current in IPv6 testing, the keys to making USCYBERCOM a success, the key criteria for resiliency testing and more. Together these informational pieces will help you accurately and more quickly test network devices and application servers to meet the demanding requirements of cyber security.

1. Resiliency Testing Critical to U.S. Cyber Infrastructure

The U.S. Cyber Infrastructure is hammered by more sophisticated and dangerous attacks, while performance issues caused by immense growth and application complexity only serve to complicate the situation. As the United States Government moves forward with initiatives to protect and improve the cyber infrastructure, testing of network equipment and application servers must evolve to include these unique aspects. This includes the ability to test for resiliency. Read why resiliency testing is critical for protecting the U.S. cyber infrastructure.

2. Testing IPv6? Check Your Expiration Date

The current blend of IPv4 and IPv6 network traffic can have serious repercussions on network device and application server performance and security. Only through testing IPv6-aware firewalls, intrusion detection systems and other network devices using both IPv4 and the most current IPv6 traffic, can you certify device resiliency and meet mandates for IPv6 compliance. IPv6 has changed a lot since the original standards. For example, if your testing tool cites RFC 2462, which many do, your tests are worthless because they are giving you a false sense of IPv6 compliance. One must also question whether the IPv6 testing being done by the National Institute of Standards and Technology (NIST) is using the most current standard.Read about the importance of dual-stack IPv6 testing using the most current standard.

3. Four Critical Priorities for USCYBERCOM

During most of the past year, military and cyber security experts have been calling for the creation of the United States cyber command, or USCYBERCOM, and that has recently become a reality. USCYBERCOM is mandated to address the current risks and "secure freedom of action in cyberspace". On September 1, 2009 the USCYBERCOM will present their initial plan to the Department of Defense. Speaking with industry experts prior to this deadline it is clear that there are several top priorities for USCYBERCOM to address immediately. Review the top four priorities for USCYBERCOM and join the conversation on what should be addressed sooner rather than later.