New Cyber Security Testing and Certification<br />
UnderwritersLaboratories Inc.<br />Working for a safer world since 1894<br />
Cyber Security Challenges<br />3<br /><ul><li>Vulnerabilities discovereddaily for IT infrastructure
Daily exploits
Exploits can affect security and performance
Regular patches and updates from vendors
Patches and updates may affect performance
How do you measure the security effectiveness of a product?</li></li></ul><li>Responses<br />4<br /><ul><li>Independent Te...
Test products’ protection against known vulnerabilities
Test performance claims
Upcoming SlideShare
Loading in...5
×

New Cyber Security Testing and Certification

446

Published on

UL uses BreakingPoint to set the standard of measuring the security effectiveness of a product.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
446
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

New Cyber Security Testing and Certification

  1. 1. New Cyber Security Testing and Certification<br />
  2. 2. UnderwritersLaboratories Inc.<br />Working for a safer world since 1894<br />
  3. 3. Cyber Security Challenges<br />3<br /><ul><li>Vulnerabilities discovereddaily for IT infrastructure
  4. 4. Daily exploits
  5. 5. Exploits can affect security and performance
  6. 6. Regular patches and updates from vendors
  7. 7. Patches and updates may affect performance
  8. 8. How do you measure the security effectiveness of a product?</li></li></ul><li>Responses<br />4<br /><ul><li>Independent Testing and Certification
  9. 9. Test products’ protection against known vulnerabilities
  10. 10. Test performance claims
  11. 11. Continuous testing of patches and updates
  12. 12. Validation and certification of products against known vulnerabilities and with respect to performance claims</li></li></ul><li>UL 2825Specification for Resiliency of Network Infrastructure Components<br />January 31st 2011<br />
  13. 13. Scope of UL 2825 <br />This specification applies to perimeter network infrastructure equipment<br /><ul><li>Published performance claims
  14. 14. Ability to withstand exploits against known vulnerabilities
  15. 15. Resiliency to invalid network traffic</li></ul>6<br />BreakingPoint Storm CTM<br /><ul><li>Automated tests
  16. 16. Repeatability
  17. 17. Reproducibility</li></li></ul><li>Testing Details<br />7<br />Vulnerability Databases<br /><ul><li>MITRE CVE
  18. 18. NIST NVD
  19. 19. Open Source Vulnerability (OSVD)
  20. 20. Security Focus Bugtraq ID</li></li></ul><li>Applicable Products<br />8<br /><ul><li>Intrusion Prevention Systems
  21. 21. Load Balancers
  22. 22. Universal Threat Management
  23. 23. Converged Network Server Equipment
  24. 24. Switches
  25. 25. Routers
  26. 26. Proxy Servers
  27. 27. Firewalls</li></li></ul><li>Test & Certification<br />9<br /><ul><li>Manufacturer engages with UL to assess products
  28. 28. 1-day test effort
  29. 29. Monthly re-evaluation for new vulnerabilities that affect specific products
  30. 30. Products listed online at www.ul.com with validation certificate</li></li></ul><li>Contact Us<br />10<br />www.ul.com<br />Ken Modeste<br />Global Principal Engineer – Life Safety & Security<br />Email: Ken.Modeste@us.ul.com<br />Phone: 1 847 664 2659<br />
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×