Some Security Devices Just Aren't that Secure

By Steve Anderson December 11, 2012

Network security is high on a lot of people's lists these days. Keeping computers safe from attacks, keeping networks safe from attacks, and keeping the information contained therein from slipping out and being misused is a major priority. But according to a new report released today from Broadband-Testing, not every security device may be as powerful as their competitors on store shelves.

Broadband-Testing's report covered the results of performance testing for a set of four network firewall solutions on the market from Cisco Systems, WatchGuard, NetPilot, SonicWall and others. Broadband-Testing used the Spirent security suite to test out the devices, and established benchmarks for the devices, focusing on things like application traffic performance and network traffic performance both with and without attacks. The results produced some unexpected information, and will make anyone looking at new hardware for network security look twice.


Image via Shutterstock

What Broadband-Testing discovered was that, when any IT network firewall solution is stepped up to enable advanced functions like IDS / IPS functionality, there's a concomitant loss of performance in virtually every device tested. What this in particular means is that, whenever a device is selected for security, it needs to be tested, in that system, to ensure that it will actually do the job it sets out to do. But aside from that, basic firewall protection was sound, and most firewall products will actually do at least reasonably close to what they claim they will do. However, the other clear takeaway from Broadband-Testing's evaluation was that testing was especially important, given that the products involved in the testing had inherent differences that directly affected their ability to fight threats.

The founder and director of Broadband-Testing, Steve Broadhead, further elaborated on the key point about testing the claims of manufacturers in the field, saying, “Enterprises have much to lose by not taking the initiative to create and enforce a strict security regime. Instead they depend only on their security device vendors’ claims to assess the fortification of their network. The goal of this test was to look at different firewall solutions that sit at various price points and evaluate them on pure performance. Spirent’s solutions were instrumental in the testing, and were able to push the four products with realistic and scaling performance traffic and threat traffic. By testing the performance of the security devices and verifying against vendor claims, it was easy to identify areas of weakness in the network.”

Indeed, it's never a good idea to take any claims at face value—Ronald Reagan actually made the famous assessment, “Trust but verify”, which still serves as good advice today—but rather be prepared to independently assess their veracity before relying on them to provide the security that's all too necessary in the current environment.

Protecting systems from attack not only keeps those vital systems up and running, and providing their benefits to the larger body, but also prevents disastrous PR troubles like those Sony was faced with following the attack on the PlayStation Network. No system is fool-proof, of course, but being proactive and doing everything available to protect information will go a long way toward not only preventing the worst of the attacks on the network, but also preventing the worst of the attacks on the company itself in the event that something should go wrong. 




Edited by Brooke Neuman

Contributing TechZone360 Writer

SHARE THIS ARTICLE
Related Articles

Verizon Needs Tough Love on Copper Policies

By: Doug Mohney    1/29/2015

New regulation on broadband and telecommunications providers is at top of mind here at ITEXPO. Jeff Pulver, founder and chief executive of pulver.com …

Read More

OTT Video Set to Top $6 Billion in 2019

By: Tara Seals    1/29/2015

When it comes to over-the-top (OTT) video, it has grown not only in developed regions but also in emerging markets, both as an alternative and complem…

Read More

Digium CEO: Businesses at Every Level Can Get Started with UCaaS

By: Allison Boccamazzo    1/29/2015

Digium CEO Danny Windham made one thing clear during his keynote presentation at ITEXPO 2015: Businesses of all kinds, at every developmental level, c…

Read More

When Gaming Isn't a Game: 3 Best Practices to Protect Your Hosting Service Against DDoS Attacks

By: Joe Eskew    1/28/2015

The unprecedented number of security breaches, hacks and DDoS attacks on gaming communities, software manufacturers and even Hollywood studios grew to…

Read More

No Hackers Took Down Facebook; Hour's Outage Mostly Internal

By: Steve Anderson    1/28/2015

Facebook released a statement not long after the outage had hit, revealing that the cause of the shutdown was not "...the result of a third-party atta…

Read More