Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Evaluation Criteria of Firewalls

Status
Not open for further replies.

godonga

Technical User
Mar 19, 2006
25
ZA
Hi

I want to conduct a proof of concept on a certain firewall in view of replacing my current firewall. Both firewalls are for the high end market. I am wondering what you guys use out there as an evaluation criteria for the firewall, I really need to break it. Any Ideas?? best parctice info?? e.t.c. will be greatly appreciated.

Regards

G
 

What do you mean by "evaluation criteria"? You seem to imply that you want to test the "strength" of the firewall as opposed to full product selection criteria, which would include things like:

- scalability
- resilience
- performance
- vendor 'trustworthyness'
- vendor stability & longevity
- vendor support quality
- pricing models
- interoperability
- manageability
- ease of use
- deployment models
- etc

If you want to test the quality of the security then you probably need to target common exploits for the technology stack (e.g. for that product, range, or OS if based on linux for example) and then create a target plan for any rulesets you may commonly define. Also black box test the whole setup in a test lab (e.g. a mini network for this PoC) by adding common services / OS / apps behind the firewall and then trying to penetrate those without any preconceived knowledge of the firewall. There are quite a few tools for scanning/probing/testing, and even things like the metasploit framework that may help.

As a PoC, if you have the funds, why not set up a range of servers in a mininetwork/lab, ask the firewall vendors to 'secure' it with their firewall whilst allowing required services, then get an external security testing company to get passed the firewall and into your systems - with a focus on the firewall. There will be many other weaknesses other than the firewall of course, so you would need to filter out what was relevant. But a fun, competitive activity either way :)

=======================================
LessThanDot - The IT Community of the 21st Century

A smile is worth a thousand kind words. So smile, it's easy! :)
 
I am agreeing with damber on this. Along with metasploit, try using backtrack 2 (backtrack 3 should be out very soon). Backtrack 2 has a utility called firewalk, which you might find interesting for your test (there are plenty more tools that you will be able to use).
 
Thank you huys for your input it is very relevant. From the list you Provided Damper as an example how do I conduct a test for reliabilty, or resiliency and what tools? The firewalls in question are Checkpoint and Juniper.

Regards
G
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top