FIREWALL TESTING

Bibliographic details
First author: KEARNEY Paul Joseph
Format: Patent
Language: eng
Description
Summary: The invention provides a method of testing a firewall for a communications network, and an equivalent apparatus. More specifically, the method allows a high-level firewall policy model to be defined based on input provided by a firewall administrator without specialised knowledge in mathematically formal languages. The firewall policy model represents an idealisation of the firewall under test, the firewall policy, and the network environment in which the firewall is deployed. One or more sets of test cases are generated based on the policy model. The generated test case set includes at least one test case comprising a specification of a packet to be processed by the firewall under test and the expected outcome of processing the packet by a firewall compliant with the policy. Preferably, the generated test case set allows potential failure of the firewall under test to implement the policy correctly to be detected. The test packets specified in the test cases are subsequently provided to the firewall under test for processing. The outcome of the processing is monitored, and the observed packets compared with the expected results to determine whether the firewall under test is functioning according to the firewall policy.