Certified - FireWalls (?)

Discussion in 'other firewalls' started by SG1, Aug 13, 2006.

Thread Status:
Not open for further replies.
  1. SG1

    SG1 Registered Member

    Joined:
    Jan 16, 2003
    Posts:
    430
    Was reading some site the other day, that mentioned 2-3 f'walls, cert. by ICA - Labs (I think it was). Is a firewall, being certified, of some particular/crucial importance? Or is it hype, to make Brand A, sound better, than Brand B?
     
  2. unhappy_viewer

    unhappy_viewer Registered Member

    Joined:
    Sep 16, 2005
    Posts:
    259
    Certification by those labs ensure that the firewall meets a certain minimum level of quality. But remember that not all firewall vendors choose to submit thier firewalls for certification.

    An example is ZoneAlarm. If you check the list ZA is not certified. However Computer Associate, which uses ZA's firewall engine, choose to submit thier eTrust Firewall product and pass certification. Hence indirectly ZA's firewall also passes the test. The only reason why its not listed is because Zone Labs did not choose to submit ZA for certification.
     
  3. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Presumably you mean ICSA certification - their criteria for PC-based firewalls being listed here. These are pretty basic by current standards, not covering leak test performance or the ability of a firewall to resist termination/modification by malware (though the ability to hide online presence aka "stealthing" ports is checked). The list of certified products is pretty short also (3 at time of posting) so it isn't possible to assign any value to this certification.

    If they raised the bar (specifically by including techniques that malware commonly uses to bypass firewalls) then it would have greater value but currently it is difficult to see a product failing even though it may be inadequate for real-world use.
     
Loading...
Thread Status:
Not open for further replies.