Internet Security Systems offers firewall tester product

Internet Security Systems Inc. recently released Version 3.3 of Internet Scanner, a popular firewall testing product.

The new version of Internet Scanner adds an enhanced graphical user interface and a graphical representation of the results of a network scan, according to Patrick Taylor, director of product marketing at Internet Security Systems.

Federal users are seeking help testing and monitoring Internet firewalls as they begin to realize that installing this technology is more complicated than it seems.

"A lot of firewalls get misconfigured," said Christopher Klaus, chief executive officer of Internet Security Systems. "A lot are wide open to services that would let hackers through." Internet Security Systems has customers at the Energy Department, NASA and military sites, Klaus said.

Lawrence Livermore National Laboratory in California is using Internet Scanner to test for general network and Unix vulnerabilities, says Neal Mackanic, a computer scientist at the lab. And because most firewalls are Unix-based, the product would be good for that kind of testing as well, he said. Mackanic recently obtained a site license for broader use of the product at the DOE facility.

The National Computer Security Association uses Internet Scanner as part of its firewall testing program, said Jon McCown, an NCSA network security engineer in Carlisle, Pa. Since February, NCSA has certified 16 firewalls. The National Security Agency is a member of the NCSA-sponsored Firewall Product Developers Consortium, which is the umbrella organization for the testing program.

Internet Scanner scans past the firewall on a Transmission Control Protocol/Internet Protocol network "to see if we get through the filter," Klaus said. The system looks for more than 120 known holes. Related testing includes application-level and IP filtering as well as the firewall itself. Firewall testing - in a Unix environment - includes the usual send-mail and electronic-mail bugs as well as more modern attacks such as IP spoofing, Klaus said.

A license covering 10 to 20 machines costs about $800.

**

Adams is a free-lance writer based in Arlington, Va.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.