Initiative Aims to Develop Vendor-Neutral Security Testing Standards
Spirent Communications announced that the company is helping to define a new open standard for testing enterprise network security performance. Spirent is collaborating with top network security appliance and services vendors and certification labs in this initiative, which will offer a new level of network security metrics for a growing industry that is demanding more insightful, precise and non-proprietary performance evaluation practices.
“Enterprises, service providers and equipment manufacturers have long been asking for a security performance standard that is fair, unbiased and open,” said project lead Brian Monkman of the NetSecOPEN industry group. “NetSecOPEN’s collaboration with industry experts like Spirent addresses this need, and we welcome participation from other major stakeholders to test new practices and methodologies for security device performance.”
An open security performance standard offers several advantages for enterprises, equipment manufacturers and service providers. The new standard will offer:
- Increased transparency and accuracy over existing proprietary performance tests, which are narrowly defined and run behind closed doors;
- Certification of key performance metrics, while also allowing vendors and enterprises to perform tests on their own; and
- Test parameters based on real-world conditions, such as SaaS applications and high percentages of HTTPS to assess the performance of enterprise perimeter security appliances.
“We are excited to collaborate with the network security industry in the NetSecOPEN initiative on recommendations for security performance testing,” said Jurrie van den Breekel, vice president of business development and product management at Spirent Communications. “We believe network security tests should represent what networks actually look like today, with lots of encrypted SaaS traffic and many connections to tracker and optimization services when testing security inspection and publishing performance results. As a leading enterprise testing vendor, we’re participating in NetSecOPEN to define vendor-neutral test standards that showcase these critical criteria.”
As a first step, NetSecOPEN will work on developing certification requirements and processes with leading testing labs, the European Advanced Networking Test Center (EANTC), UL Verification Services (UL), and the University of New Hampshire InterOperability Laboratory (UNH-IOL).
“As an independent test lab, we sincerely welcome a transparent and realistic standardized benchmarking methodology for next-generation firewalls,” said Carsten Rossenhoevel, co-founder and CTO at EANTC. “Today, published benchmarking results of firewalls often differ substantially from real-world performance, which is confusing for our service-provider and enterprise customers. EANTC is actively participating in the NetSecOPEN initiative, contributing our experience, using the new methodology for all our public and private firewall tests and spearheading NetSecOPEN’s future network security certification program.”