IDS mailing list archives
ICSA Labs Network IPS Testing
From: "Walsh, John (Jack)" <jwalsh () icsalabs com>
Date: Tue, 4 Dec 2007 15:49:21 -0500
Fellow Focus IDS Readers: As the program manager responsible for all aspects of ICSA Labs Network IPS certification testing, I thought I ought to correct some misleading information you may have recently read on this list about our Network IPS certification testing program. The truth is that we do not "pick specific attacks and say that you must block these." In ICSA Labs Network IPS certification testing we test in part to ensure the device provides coverage protection for all attacks targeting an evolving set of medium-to-high severity vulnerabilities that we and a consortium of 15 network IPS vendors (http://www.icsalabs.com/icsa/topic.php?tid=6a87$5813f3e2-37b77ee3$3b4a- f1d4a32d) believe are relevant to enterprise end users. For the future, and you probably all know this, but just to be absolutely certain - please be suspicious of the reason(s) why someone would comment negatively on ICSA Labs network IPS testing. Keep in mind that such an individual most likely: a) is in no position to speak authoritatively about ICSA Labs network IPS testing, b) believes that he/she or his/her organization is somehow competing with ICSA Labs, and/or c) stands to gain by speaking disparagingly - no matter how subtle the fashion - about ICSA Labs, Finally, rather than re-hash our entire philosophy on how best to properly test a network IPS device, I would invite you to read the 4 whitepapers we wrote back in around June of 2006 as they are still relevant today: http://www.icsalabs.com/icsa/topic.php?tid=6807$064ec1ee-3a54c0ac$dc20-4 1d3f014 If you also read the front matter for any of the certification testing reports (available from http://www.icsalabs.com/nips/certifiedproducts.html) you will pick up a lot of information on our testing methodology and be able to see how it maps back at a high level to the testing criteria (http://www.icsalabs.com/icsa/docs/html/communities/nips/criteria/NIPS_c riteria_v110_071010.pdf). If you have any questions, comments, or concerns please contact me directly. I am more than happy to talk with you. Take care, Jack Walsh Technology Programs Manager, Intrusion Detection & Prevention ICSA Labs jwalsh () icsalabs com 717.790.8126 ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
Current thread:
- ICSA Labs Network IPS Testing Walsh, John (Jack) (Dec 04)
- Re: ICSA Labs Network IPS Testing Stefano Zanero (Dec 05)
- Re: ICSA Labs Network IPS Testing Rahul K (Dec 11)
- RE: ICSA Labs Network IPS Testing Walsh, John (Jack) (Dec 12)
- Re: ICSA Labs Network IPS Testing Rahul K (Dec 11)
- Re: ICSA Labs Network IPS Testing Stefano Zanero (Dec 05)