It's been more than 15 years since the IETF recommended
testing methodology for network firewalls
A lot has changed since then. In response to a rapidly morphing cyberthreat landscape, security requirements have expanded beyond simple firewalls into intrusion detection and prevention, threat management, endpoint security, web filtering, encryption, deep packet inspection—the list goes on.
Ten years ago, 80% of networks ran on unencrypted HTTP
Today, more than 80% of a network's perimeter traffic is encrypted with HTTPS. Although security requirements changed, product performance testing has not kept pace with the demands of real-world network traffic. Proprietary testing methodologies, criteria, and results interpretation differ between testing labs. Enterprise buyers face a bewildering number of certifications without a way to discern how the product would function in their actual networks.
NetSecOPEN was formed in 2017 as a nonprofit, attracting founding members from around the world to develop and update open standards for testing the rapidly expanding universe of network security solutions. All work is conducted openly and transparently, with meeting minutes and project status posted on this website.
WHAT WE DO
• Create a suite of test standards that can be used for evaluating or certifying network security products
• Create guidelines and best practices for testing network security infrastructure and provide guidance for interpreting results
• Oversee the creation and updating of standards
• Oversee evaluation testing against the standards by network security product vendors
NetSecOPEN’s mission is to work with industry and others to create well defined, open and transparent standards that reflect the security needs of the real world. Standards development efforts are open to all of those with a vested interest in the outcome.
That includes enterprises in addition to security product vendors, tool vendors and labs.
As NetSecOPEN starts new projects, new content will be created specific to those projects. However, currently, as NetSecOPEN is being launched, the one project being worked on is the Open Performance Testing Standards project.
Once a project has sufficient content (test methodology, interpretation guidance and other documents as needed) it will feed the creation of a program. Projects can and will continue at the same time a program is created. Programs will be administered by NetSecOPEN, while labs will do the actual certification testing. Evaluation testing can be conducted against the standard by anyone licensed to use the standard. However, only certified labs will be able to conduct certification testing.
LAB & TEST SOLUTION PARTNERS
TEST SOLUTION & SERVICE PROVIDER PARTNERS
Test solution and service provider partners play a critical role in helping ensure that network security products are tested in clear, consistent, and reproducible ways. Organizations that test and provide other services involving security products are welcome to join.
Ixia, a Keysight company, is a technology leader that helps enterprises, service providers, and governments accelerate innovation to connect and secure the world.
Spirent is recognized globally as a leader in lab-based, high-speed Ethernet, positioning and mobile network infrastructure testing, and service assurance systems for service providers.
Our lab partners play a critical role in helping ensure that network security products are tested using open standards that realistically describe product performance. We welcome labs that want to participate and are committed to transparent, repeatable testing standards.
EUROPEAN ADVANCED NETWORK TEST CENTER (EANTC)
EANTC provides objective, vendor-neutral, network performance test facilities for
manufacturers, service providers, and enterprise customers.
UNIVERSITY OF NEW HAMPSHIRE
InterOperability Laboratory (UNH-IOL) provides independent, broad-based interoperability and conformance testing for data, telecom, and storage networking technologies.