> What's more, I seem to get rather interesting advertising material from
> a local reseller of ISS's scanner which points out that a number of
> commerical firms which do auditting and consulting use it to verify or
> audit firewalls. Whilst it is a start, it is by no means comprehensive
I don't know what that particular reseller is doing with the scanner
as far as firewall audits go (I'm sure someone here does though).
You are correct. It is a start, but by no means complete. NCSA uses
our scanner for the same purposes here in the US, but it is used in
conjunction with other tests (mostly "homegrown" by the NCSA, I
imagine). Using ONLY the scanner to certify firewalls *can* mislead
the end consumer, especially since our scanner is more of a general
network prober than a specific firewall tester. We here at ISS
realize this and are working on expanding our product line greatly in
the coming few months. We will be selling an actual suite of
applications (called SAFEsuite). We will be selling scanners that
are more suited to specific situations. IOW, in addition to our
Scanner, we will be selling a COPS-type of internal scanner, a
firewall specific scanner, and others (all of this stuff is being
ported to NT as well for those who wish to use NT over UNIX). It
might be prudent to ask the reseller what else they are using to test
the firewalls (homegrown tests, etc.). I imagine (though *I* do not
know for sure) that their tests encompass a greater range of tests on
firewalls than just what is in the scanner.
Alex F
=-=-=-=-=-=-=-=-=-=-=-=-=-
Alex F alexf @
iss .
net
Marketing Specialist
Internet Security Systems
=-=-=-=-=-=-=-=-=-=-=-=-=-
|
|
