Security Basics mailing list archives
RE: How to review and report an utm box
From: Byte <byte2binary () live com>
Date: Wed, 1 Aug 2012 20:43:31 +0530
UTM Box is a Hoax, It is just a firewall with some additional feature sets. Anyway since you need to evaluate the UTM box, You have not mentioned your use case. Do you intend to use it primary for packet filtering, NAT Implementation, as a Perimeter firewall or as an Application level firewall. I guess your answer will be all of the above. In this situation here are couple of recommendations that would get most out of your evaluation: 1. Check What is the HW and Software 'inside' the box. 2. Develop the following use cases: a) Send yourself some massive traffic through WAN simulators and Packet generators and monitor the performance. b) Send Malicious traffic to your UTM device including but not limited to: i) Malware (Viruses, Trojans etc.) ii) Spam iii) Check and view the performance against reconnaissance attacks such as NMAP scans, etc. c) Evaluate the TCP Error rate that it might generate. More errors means more dropped packets which translates to crappy performance. d) Check and See if it has the capacity to detect probes and respond to them by either dropping connections or delaying the attack. It also needs to log those attempts. e) Honestly fire up your imagination and see more use cases that you can develop. I don't think you will get a toolkit or anything like that to evaluate the UTM. 3. Check the reporting capability of the UTM. See if it can send SNMP3 Alerts, Syslogs etc. in an orderly manner. And they need to be accurate. Check the logging engines that it supports. 4. Check and verify the support that the UTM vendor provides you. This often becomes most critical when you have to troubleshoot it at midnight and nobody is home. Symantec and McAfee don't really believe in customer is the king :) Have fun, Byte -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of a bv Sent: Wednesday, August 01, 2012 6:52 PM To: security-basics () securityfocus com Subject: How to review and report an utm box Hi, I would like to evaluate , review and report a small utm box. I would like to evaluate it and report it to the management. I need recommandations for this . Regards ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727 d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- How to review and report an utm box a bv (Aug 01)
- RE: How to review and report an utm box Byte (Aug 01)