ICSA Labs Blog: Firewalls

How Much Security Testing is in ICSA Labs “Secure” SD-WAN Testing?

The super succinct answer to the question posed in the blog title is, “quite a bit, actually!”  Of course, a blog posting minus a more detailed explanation, wouldn’t really be a blog worth reading.  What follows then is a more in-depth answer, preceded by a brief refresher about how we got to needing Software-defined Wide Area Network (SD-WAN) technology in the first place.
The WAN topology known as SD-WAN became necessary as companies began to witness an increasing number of users, coming from an increasing number of locations, using

Understanding the benefits of ICSA Labs certification

Knowing the benefits of certification is important for security product vendors and enterprises to understand.

The first step is to understand what certification is and what it is not.

Weighing Firewall and Cloud Security Challenges

Explaining the purpose of a firewall is often very easily answered with a simple analogy: it is like a gatekeeper, border control, or security at the entrance of a building. The firewall’s role is to decide what can pass through your network, and what cannot.

We were asked recently to give a real-world analogy to explain where the cloud resides in this picture – where is the cloud in relation to the firewall? Is it above it? Beside it? Inside it?

Why Certify? The Significance of ICSA Labs Certification

When it comes to security, many vendors consider certification of its products by an independent organization an option, not a requirement. However, third party testing is an important element when a company is deciding on technology solutions that are part of its security management program.

Q&A: George Japak of ICSA Labs Offers Advice around NCSA Month

This month marks the 11th anniversary of National Cyber Security Awareness Month (NCSAM) where raising awareness about cybersecurity is a top priority for both the public and private sector.

The Flame Reality & Swiss Cheese Security

Two articles appeared overnight that got me thinking. The first is a Reuter’s piece that says Iran has discovered and preempted a “massive, new cyber attack”. No real details are available, so it might be so, or it might not. It might even just be talking about Flame. http://www.reuters.com/article/2012/06/21/us-iran-cyber-nuclear-idUSBRE85K1EA20120621

When Ages and Revolutions Converge

As this is my first post on ICSA Labs’ blog, I thought I’d take a little bit of time to explain how I currently see the malware world. For those who don’t know me, I’ve been dealing with viruses and assorted malware since 1987, which is about when the first viruses appeared.

Verizon Launches 2011 Data Breach Investigation Report – What Does It Mean for You?

On April 19, Verizon issued its much-anticipated 2011 Data Breach Investigations Report (DBIR).  This report has become the seminal report for the security community, and is eagerly awaited for each year. 

Some key takeaways from this year’s report:

Confused about new Texas Law, Title 10, Section 2059.060? Read the law itself.

The state of Texas recently had a law go into effect (on Dec. 1, 2010) that impacts the security product testing industry, including ICSA Labs.  The law has attracted a significant amount of attention, some of which is inaccurate. 

The law—and the administrative code that provides rules on implementation—includes a section that clearly and succinctly defines terms.  I encourage you to read the law yourselves, quotations and links provided below. 

How to Select a Network Firewall

So you are looking to update or change out your existing firewall. Or perhaps you are purchasing a new firewall to supplement your existing security program. Or you are considering a new firewall based on the new functionality you have heard or read about. 

The obvious question is – “How do I decide what to get?”