Testing Requirements

There is a three-fold focus in ICSA Labs network IPS testing -- provide ongoing vulnerability-based coverage protection for high severity vulnerabilities in enterprise software -- introduce a minimal amount of latency -- and provide logging, authentication, and other administrative functions.  In the standard against which ICSA Labs tests - the Network IPS Enterprise Certification Testing Criteria - these three categories of requirements expand to nearly 50 distinct requirements and hundreds of test cases. 

The criteria document refers to an evolving "vulnerability set". Though a network IPS may provide additional protections, the device must minimally protect against all  network-borne exploits (and evasions) targeting these high severity vulnerabilities in this list. The vulnerability set is typically comprised of server-side vulnerabilities in enterprise software.  The vulnerability set may also contain some client-side vulnerabilities (in software such as Internet web browsers for example) as well. 

The testing standard against which IPS products are measured is the network IPS testing criteria.  ICSA Labs welcomes any comments and suggestions that you may have on this set of IPS criteria requirements. To attain and/or retain certification, network IPS products must meet the entire set of criteria requirements when tested.