Internet Security Systems offers firewall tester product

Internet Security Systems Inc. recently released Version 3.3 of Internet Scanner, a popular firewall testing product.

The new version of Internet Scanner adds an enhanced graphical user interface and a graphical representation of the results of a network scan, according to Patrick Taylor, director of product marketing at Internet Security Systems.

Federal users are seeking help testing and monitoring Internet firewalls as they begin to realize that installing this technology is more complicated than it seems.

"A lot of firewalls get misconfigured," said Christopher Klaus, chief executive officer of Internet Security Systems. "A lot are wide open to services that would let hackers through." Internet Security Systems has customers at the Energy Department, NASA and military sites, Klaus said.

Lawrence Livermore National Laboratory in California is using Internet Scanner to test for general network and Unix vulnerabilities, says Neal Mackanic, a computer scientist at the lab. And because most firewalls are Unix-based, the product would be good for that kind of testing as well, he said. Mackanic recently obtained a site license for broader use of the product at the DOE facility.

The National Computer Security Association uses Internet Scanner as part of its firewall testing program, said Jon McCown, an NCSA network security engineer in Carlisle, Pa. Since February, NCSA has certified 16 firewalls. The National Security Agency is a member of the NCSA-sponsored Firewall Product Developers Consortium, which is the umbrella organization for the testing program.

Internet Scanner scans past the firewall on a Transmission Control Protocol/Internet Protocol network "to see if we get through the filter," Klaus said. The system looks for more than 120 known holes. Related testing includes application-level and IP filtering as well as the firewall itself. Firewall testing - in a Unix environment - includes the usual send-mail and electronic-mail bugs as well as more modern attacks such as IP spoofing, Klaus said.

A license covering 10 to 20 machines costs about $800.

**

Adams is a free-lance writer based in Arlington, Va.

Featured

  • IT Modernization
    Eisenhower Executive Office Building (Image: Wikimedia Commons)

    OMB's user guide to the MGT Act

    The Office of Management and Budget is working on a rules-of-the-road document to cover how agencies can seek and use funds under the MGT Act.

  • global network (Pushish Images/Shutterstock.com)

    As others see us -- a few surprises

    A recent dinner with civil servants from Asia delivered some interesting insights, Steve Kelman writes.

  • FCW Perspectives
    cloud (Singkham/Shutterstock.com)

    A smarter approach to cloud

    Advances in cloud technology are shifting the focus toward choosing the right tool for the job and crafting solutions that truly modernize systems.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.