Presentation is loading. Please wait.

Presentation is loading. Please wait.

82nd IETF Taipei, 13-18 Nov 2011 IETF BMWG Security Effectiveness Benchmarking Kenneth Green.

Published byGavin Hart Modified over 8 years ago

Similar presentations

Presentation on theme: "82nd IETF Taipei, 13-18 Nov 2011 IETF BMWG Security Effectiveness Benchmarking Kenneth Green."— Presentation transcript:

1 82nd IETF Taipei, 13-18 Nov 2011 IETF BMWG Security Effectiveness Benchmarking Kenneth Green

2 2 Critical Functions of Content Aware Devices Content-aware security devices perform the following key functions: 1. Categorise traffic as either legal or illegal 2. Log/notify about illegal traffic (in-band/out-of-band) 3. Block illegal traffic (in-band) 4. Forward legal traffic (in-band) All devices must implement categorisation as it is fundamental to the other functions.

3 3 Distinguishing Performance and Effectiveness Security Performance = how well a content-aware device forwards good traffic with security features enabled and in the presence of illegal traffic. This has begun to be addressed by: draft-hamilton-bmwg-ca-bench_xxx Security Effectiveness = how well the device categorises traffic. No false negatives = accurately identifies all evil traffic No false positives = never flags good traffic as evil This is not currently addressed.

4 4 The Proposed Drafts Two drafts: Terminology and methodology for Security Effectiveness benchmarking Terminology draft will cover items specific to Security Effectiveness testing Legal traffic, Illegal traffic (taking RFC2647 as a starting point) Vulnerability, Malware, Virus, Trojan, Rootkit … False positive, false negative … Wildlist Others TBD (as required by the Methodology draft)

5 5 The Proposed Drafts (cont.) Methodology draft will provide general information on test setups and test results, then describe the specific benchmark metrics and tests Maximum Attack Blocking Rate Useful Attack Blocking Rate Attack Blocking Effectiveness Others TBD Results to include details of all attacks and identify those blocked and those not blocked.

6 6 Why Do We Need To Do This? The nature of this testing is orthogonal to that of performance testing and is not covered by existing RFCs or IDs. A security device with high forwarding performance is of little use if it misses malicious traffic. Currently there is no standard way to validate effectiveness of security solutions and hence no mechanism exists for realistic apples-to-apples comparisons of the breadth and currency of competing solutions. The range of security challenges grows exponentially Existing exploits and malware remain a risk and effectiveness against them must be validated for both new and updated products. New exploits and malware appear all the time requiring re-validation of the effectiveness of existing devices and solution updates.

7 7 Next steps Continue to solicit comments, feedback, and support Submit initial drafts based on comments and input received Initial methodology draft: draft-green-bmwg-seceff-bench-meth-00.txt Comments?

Download ppt "82nd IETF Taipei, 13-18 Nov 2011 IETF BMWG Security Effectiveness Benchmarking Kenneth Green."

Similar presentations

Basic BGP Data Plane Convergence Benchmarking -Rajiv Papneja - Mohan Nanduri -Bhavani Parise - Eric Brendel -Susan Hares - Jay Karthik.

Basic BGP Data Plane Convergence Benchmarking -Rajiv Papneja - Mohan Nanduri -Bhavani Parise - Eric Brendel -Susan Hares - Jay Karthik.
1 Content-Aware Device Benchmarking Methodology/Terminology (draft-hamilton-bmwg-ca-bench-meth-06) (draft-hamilton-bmwg-ca-bench-term-00) BMWG Meeting.

1 Content-Aware Device Benchmarking Methodology/Terminology (draft-hamilton-bmwg-ca-bench-meth-06) (draft-hamilton-bmwg-ca-bench-term-00) BMWG Meeting.
69th IETF Chicago IETF BMWG WLAN Switch Benchmarking Tarunesh Ahuja, Tom Alexander, Scott Bradner, Sanjay Hooda, Jerry Perser, Muninder Sambi.

69th IETF Chicago IETF BMWG WLAN Switch Benchmarking Tarunesh Ahuja, Tom Alexander, Scott Bradner, Sanjay Hooda, Jerry Perser, Muninder Sambi.
Benchmarking Methodology WG (bmwg) 60th IETF – San Diego, CA Thursday, August 5, 2004, 1300-1500 Chairs: –Kevin Dubray –Al Morton.

Benchmarking Methodology WG (bmwg) 60th IETF – San Diego, CA Thursday, August 5, 2004, Chairs: –Kevin Dubray –Al Morton.
1 MIS 2000 Class 22 System Security Update: Winter 2015.

1 MIS 2000 Class 22 System Security Update: Winter 2015.
1 Benchmarking Methodology WG (bmwg) 84th IETF Thursday, August 2, 2012 (1730 Vancouver Local Time, GMT-7:00) Chairs: –Al Morton If.

1 Benchmarking Methodology WG (bmwg) 84th IETF Thursday, August 2, 2012 (1730 Vancouver Local Time, GMT-7:00) Chairs: –Al Morton If.
1 Benchmarking Methodology WG (bmwg) Virtual Interim Meeting prior to 76th IETF Friday, October 30, 2009, 1330-1600 GMT Chairs: –Al Morton

1 Benchmarking Methodology WG (bmwg) Virtual Interim Meeting prior to 76th IETF Friday, October 30, 2009, GMT Chairs: –Al Morton
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
SIP Performance Metrics 66 th IETF – Montreal Daryl Malas.

SIP Performance Metrics 66 th IETF – Montreal Daryl Malas.
1 Secure DNS Solutions Rooster. 2 Introduction What does security mean for DNS? What security problems exist for DNS, what is being done about them, and.

1 Secure DNS Solutions Rooster. 2 Introduction What does security mean for DNS? What security problems exist for DNS, what is being done about them, and.
Domain Name System Security Extensions (DNSSEC) Hackers 2.

Domain Name System Security Extensions (DNSSEC) Hackers 2.
Draft-novak-bmwg-ipflow-meth-05.txt IP Flow Information Accounting and Export Benchmarking Methodology

Draft-novak-bmwg-ipflow-meth-05.txt IP Flow Information Accounting and Export Benchmarking Methodology
66th IETF Meeting Montreal IETF BMWG WLAN Switch & Mesh Benchmarking Jerry Perser

66th IETF Meeting Montreal IETF BMWG WLAN Switch & Mesh Benchmarking Jerry Perser
67th IETF San Diego IETF BMWG WLAN Switch Benchmarking Jerry Perser, Tom Alexander, Muninder Singh Sambi,

67th IETF San Diego IETF BMWG WLAN Switch Benchmarking Jerry Perser, Tom Alexander, Muninder Singh Sambi,
1 Benchmarking Methodology WG (bmwg) 70th IETF – Vancouver, Canada Thursday, December 6, 2007, 9:00-11:30 (Oak) Chairs: –Al Morton If.

1 Benchmarking Methodology WG (bmwg) 70th IETF – Vancouver, Canada Thursday, December 6, 2007, 9:00-11:30 (Oak) Chairs: –Al Morton If.
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Fundamentals of Information Systems Security.

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Fundamentals of Information Systems Security.
1 Benchmarking Methodology WG (bmwg) 80th IETF Tuesday, March 29, 2011, 0900-1130 CDT (Central Europe Daylight Time, GMT+2:00) Chairs: –Al Morton

1 Benchmarking Methodology WG (bmwg) 80th IETF Tuesday, March 29, 2011, CDT (Central Europe Daylight Time, GMT+2:00) Chairs: –Al Morton
Quality of Service Option for Proxy Mobile IPv6 draft-ietf-netext-pmip6-qos-00.txt S. Gundavelli, J. Korhonen, M. Liebsch, P. Seite, H. Yokota IETF84,

Quality of Service Option for Proxy Mobile IPv6 draft-ietf-netext-pmip6-qos-00.txt S. Gundavelli, J. Korhonen, M. Liebsch, P. Seite, H. Yokota IETF84,
1 Proposal for BENCHMARKING SIP NETWORKING DEVICES draft-poretsky-sip-bench-term-01.txt draft-poretsky-sip-bench-meth-00.txt Co-authors are Scott Poretsky.

1 Proposal for BENCHMARKING SIP NETWORKING DEVICES draft-poretsky-sip-bench-term-01.txt draft-poretsky-sip-bench-meth-00.txt Co-authors are Scott Poretsky.
1 Benchmarking Methodology WG (bmwg) 82nd IETF Monday, November 14, 2011, 0900-1130 (Taipei Local Time, GMT+8:00) Chairs: –Al Morton

1 Benchmarking Methodology WG (bmwg) 82nd IETF Monday, November 14, 2011, (Taipei Local Time, GMT+8:00) Chairs: –Al Morton

Similar presentations

Ads by Google