Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Evaluation Criteria of Firewalls

Status
Not open for further replies.
godonga

godonga

Technical User
Mar 19, 2006
25
0
0
ZA
Hi

I want to conduct a proof of concept on a certain firewall in view of replacing my current firewall. Both firewalls are for the high end market. I am wondering what you guys use out there as an evaluation criteria for the firewall, I really need to break it. Any Ideas?? best parctice info?? e.t.c. will be greatly appreciated.

Regards

G
 
Sort by date Sort by votes

What do you mean by "evaluation criteria"? You seem to imply that you want to test the "strength" of the firewall as opposed to full product selection criteria, which would include things like:

- scalability
- resilience
- performance
- vendor 'trustworthyness'
- vendor stability & longevity
- vendor support quality
- pricing models
- interoperability
- manageability
- ease of use
- deployment models
- etc

If you want to test the quality of the security then you probably need to target common exploits for the technology stack (e.g. for that product, range, or OS if based on linux for example) and then create a target plan for any rulesets you may commonly define. Also black box test the whole setup in a test lab (e.g. a mini network for this PoC) by adding common services / OS / apps behind the firewall and then trying to penetrate those without any preconceived knowledge of the firewall. There are quite a few tools for scanning/probing/testing, and even things like the metasploit framework that may help.

As a PoC, if you have the funds, why not set up a range of servers in a mininetwork/lab, ask the firewall vendors to 'secure' it with their firewall whilst allowing required services, then get an external security testing company to get passed the firewall and into your systems - with a focus on the firewall. There will be many other weaknesses other than the firewall of course, so you would need to filter out what was relevant. But a fun, competitive activity either way :)

=======================================
LessThanDot - The IT Community of the 21st Century

A smile is worth a thousand kind words. So smile, it's easy! :)
 
Upvote 0 Downvote
I am agreeing with damber on this. Along with metasploit, try using backtrack 2 (backtrack 3 should be out very soon). Backtrack 2 has a utility called firewalk, which you might find interesting for your test (there are plenty more tools that you will be able to use).
 
Upvote 0 Downvote
Thank you huys for your input it is very relevant. From the list you Provided Damper as an example how do I conduct a test for reliabilty, or resiliency and what tools? The firewalls in question are Checkpoint and Juniper.

Regards
G
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

spamjim
  • Locked
  • Question
Unintentional sharing of form data with Microsoft
Replies
0
Views
48
spamjim
spamjim
iolair
  • Locked
  • Question
Firewalls
Replies
8
Views
60
iolair
iolair
DawnP
  • Locked
  • Question
Documentation Needed Showing Importance of Access Control
Replies
1
Views
47
Textron68
Textron68
SysAdmMke
  • Locked
  • Question
Logging on to Workstation as a Local Admin instead of Domain Admin
Replies
5
Views
60
Grenage
Grenage
felix58
  • Locked
  • Question
proper programming of a new dsc security system using the keypad
Replies
0
Views
38
felix58
felix58

Part and Inventory Search

Sponsor

Back
Top