Internet Security Systems offers firewall tester product

Internet Security Systems Inc. recently released Version 3.3 of Internet Scanner, a popular firewall testing product.

The new version of Internet Scanner adds an enhanced graphical user interface and a graphical representation of the results of a network scan, according to Patrick Taylor, director of product marketing at Internet Security Systems.

Federal users are seeking help testing and monitoring Internet firewalls as they begin to realize that installing this technology is more complicated than it seems.

"A lot of firewalls get misconfigured," said Christopher Klaus, chief executive officer of Internet Security Systems. "A lot are wide open to services that would let hackers through." Internet Security Systems has customers at the Energy Department, NASA and military sites, Klaus said.

Lawrence Livermore National Laboratory in California is using Internet Scanner to test for general network and Unix vulnerabilities, says Neal Mackanic, a computer scientist at the lab. And because most firewalls are Unix-based, the product would be good for that kind of testing as well, he said. Mackanic recently obtained a site license for broader use of the product at the DOE facility.

The National Computer Security Association uses Internet Scanner as part of its firewall testing program, said Jon McCown, an NCSA network security engineer in Carlisle, Pa. Since February, NCSA has certified 16 firewalls. The National Security Agency is a member of the NCSA-sponsored Firewall Product Developers Consortium, which is the umbrella organization for the testing program.

Internet Scanner scans past the firewall on a Transmission Control Protocol/Internet Protocol network "to see if we get through the filter," Klaus said. The system looks for more than 120 known holes. Related testing includes application-level and IP filtering as well as the firewall itself. Firewall testing - in a Unix environment - includes the usual send-mail and electronic-mail bugs as well as more modern attacks such as IP spoofing, Klaus said.

A license covering 10 to 20 machines costs about $800.

**

Adams is a free-lance writer based in Arlington, Va.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.