1.866.352.6691 | INTL 1.512.821.6000
You are here: Home Resources Newsletter The Test Insider Volume 6: Critical Role of Resiliency Testing to Federal Cyber Security
null

Your information will be kept private. Refer to our privacy policy.

*E-Mail:

First Name:

Last Name:

Title:

Company:


E-mail Type:
HTML
Text

The Test Insider Volume 6: Critical Role of Resiliency Testing to Federal Cyber Security

The U.S. Government is facing challenges on many different front, both foreign and domestic. With so many different simultaneous challenges are we in danger of ignoring perhaps the greatest threat; the gaping holes and vulnerabilities evident in the nation's cyber infrastructure? The time is now to test the resiliency of the network devices, application servers and overall services provided by the U.S. cyber infrastructure.

In our continuing effort to provide the latest in testing techniques, we have dedicated this volume of The Test Insider to discuss ways in which you can test for network resiliency and help in the cyber security mission. We have compiled articles that tackle the challenges of staying current in IPv6 testing, the keys to making USCYBERCOM a success, the key criteria for resiliency testing and more. Together these informational pieces will help you accurately and more quickly test network devices and application servers to meet the demanding requirements of cyber security.

Enjoy and keep on testing!

Quick Links:

Resiliency Testing Critical to U.S. Cyber Infrastructure

The U.S. Cyber Infrastructure is hammered by more sophisticated and dangerous attacks, while performance issues caused by immense growth and application complexity only serve to complicate the situation. As the United States Government moves forward with initiatives to protect and improve the cyber infrastructure, testing of network equipment and application servers must evolve to include these unique aspects. This includes the ability to test for resiliency. Read why resiliency testing is critical for protecting the U.S. cyber infrastructure.

Testing IPv6? Check Your Expiration Date

The current blend of IPv4 and IPv6 network traffic can have serious repercussions on network device and application server performance and security. Only through testing IPv6-aware firewalls, intrusion detection systems and other network devices using both IPv4 and the most current IPv6 traffic, can you certify device resiliency and meet mandates for IPv6 compliance. IPv6 has changed a lot since the original standards. For example, if your testing tool cites RFC 2462, which many do, your tests are worthless because they are giving you a false sense of IPv6 compliance. One must also question whether the IPv6 testing being done by the National Institute of Standards and Technology (NIST) is using the most current standard.Read about the importance of dual-stack IPv6 testing using the most current standard.

How-to Use Capture and Recreate to Accelerate Debugging

In a two-part series, BreakingPoint's Kirby Kuehl provides detailed step-by-step instructions on using capture and recreate functionality to accelerate debugging and validate the functionality and performance of your device. The first post examines importing IPv6 capture files, importing gzipped capture files, using raw playback, Berkeley Packet Filter (BPF) and more. In his follow up post Kirby takes you through TCPDUMP captures and replay, examining a TCPDUMP packet capture file in detail, defining the test criteria for an imported pcap and more.

Four Critical Priorities for USCYBERCOM

During most of the past year, military and cyber security experts have been calling for the creation of the United States cyber command, or USCYBERCOM, and that has recently become a reality. USCYBERCOM is mandated to address the current risks and "secure freedom of action in cyberspace". On September 1, 2009 the USCYBERCOM will present their initial plan to the Department of Defense. Speaking with industry experts prior to this deadline it is clear that there are several top priorities for USCYBERCOM to address immediately. Review the top four priorities for USCYBERCOM and join the conversation on what should be addressed sooner rather than later.

The Cyber Security Coordinator; Does Anyone Want this Job?

President Obama has laid out his administration's plan to shore up U.S. cyber security, including a new appointment to the role of "cyber security czar" (er coordinator), a position formerly part of the Department of Homeland Security (DHS). We asked readers to chime in with proposed interview questions. Your interview questions provide insight into why it is going to be very hard to fill the role of cyber security coordinator and even harder for that person to succeed in the job.