Internet Security Systems offers firewall tester product

Internet Security Systems Inc. recently released Version 3.3 of Internet Scanner, a popular firewall testing product.

The new version of Internet Scanner adds an enhanced graphical user interface and a graphical representation of the results of a network scan, according to Patrick Taylor, director of product marketing at Internet Security Systems.

Federal users are seeking help testing and monitoring Internet firewalls as they begin to realize that installing this technology is more complicated than it seems.

"A lot of firewalls get misconfigured," said Christopher Klaus, chief executive officer of Internet Security Systems. "A lot are wide open to services that would let hackers through." Internet Security Systems has customers at the Energy Department, NASA and military sites, Klaus said.

Lawrence Livermore National Laboratory in California is using Internet Scanner to test for general network and Unix vulnerabilities, says Neal Mackanic, a computer scientist at the lab. And because most firewalls are Unix-based, the product would be good for that kind of testing as well, he said. Mackanic recently obtained a site license for broader use of the product at the DOE facility.

The National Computer Security Association uses Internet Scanner as part of its firewall testing program, said Jon McCown, an NCSA network security engineer in Carlisle, Pa. Since February, NCSA has certified 16 firewalls. The National Security Agency is a member of the NCSA-sponsored Firewall Product Developers Consortium, which is the umbrella organization for the testing program.

Internet Scanner scans past the firewall on a Transmission Control Protocol/Internet Protocol network "to see if we get through the filter," Klaus said. The system looks for more than 120 known holes. Related testing includes application-level and IP filtering as well as the firewall itself. Firewall testing - in a Unix environment - includes the usual send-mail and electronic-mail bugs as well as more modern attacks such as IP spoofing, Klaus said.

A license covering 10 to 20 machines costs about $800.

**

Adams is a free-lance writer based in Arlington, Va.

Featured

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected