New Cyber Security Testing and Certification

  • 379 views
Uploaded on

UL uses BreakingPoint to set the standard of measuring the security effectiveness of a product.

UL uses BreakingPoint to set the standard of measuring the security effectiveness of a product.

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
379
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
5
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. New Cyber Security Testing and Certification
  • 2. UnderwritersLaboratories Inc.
    Working for a safer world since 1894
  • 3. Cyber Security Challenges
    3
    • Vulnerabilities discovereddaily for IT infrastructure
    • 4. Daily exploits
    • 5. Exploits can affect security and performance
    • 6. Regular patches and updates from vendors
    • 7. Patches and updates may affect performance
    • 8. How do you measure the security effectiveness of a product?
  • Responses
    4
    • Independent Testing and Certification
    • 9. Test products’ protection against known vulnerabilities
    • 10. Test performance claims
    • 11. Continuous testing of patches and updates
    • 12. Validation and certification of products against known vulnerabilities and with respect to performance claims
  • UL 2825Specification for Resiliency of Network Infrastructure Components
    January 31st 2011
  • 13. Scope of UL 2825
    This specification applies to perimeter network infrastructure equipment
    • Published performance claims
    • 14. Ability to withstand exploits against known vulnerabilities
    • 15. Resiliency to invalid network traffic
    6
    BreakingPoint Storm CTM
    • Automated tests
    • 16. Repeatability
    • 17. Reproducibility
  • Testing Details
    7
    Vulnerability Databases
    • MITRE CVE
    • 18. NIST NVD
    • 19. Open Source Vulnerability (OSVD)
    • 20. Security Focus Bugtraq ID
  • Applicable Products
    8
    • Intrusion Prevention Systems
    • 21. Load Balancers
    • 22. Universal Threat Management
    • 23. Converged Network Server Equipment
    • 24. Switches
    • 25. Routers
    • 26. Proxy Servers
    • 27. Firewalls
  • Test & Certification
    9
    • Manufacturer engages with UL to assess products
    • 28. 1-day test effort
    • 29. Monthly re-evaluation for new vulnerabilities that affect specific products
    • 30. Products listed online at www.ul.com with validation certificate
  • Contact Us
    10
    www.ul.com
    Ken Modeste
    Global Principal Engineer – Life Safety & Security
    Email: Ken.Modeste@us.ul.com
    Phone: 1 847 664 2659