PROGRAMS

 

NetSecOPEN’s mission is to work with industry and others to create well defined, open and transparent standards that reflect the security needs of the real world. Standards development efforts are open to all of those with a vested interest in the outcome.

 

That includes enterprises in addition to security product vendors, tool vendors and labs.

As NetSecOPEN starts new projects, new content will be created specific to those projects. However, currently, as NetSecOPEN is being launched, the one project being worked on is the Open Performance Testing Standards project.

Once a project has sufficient content (test methodology, interpretation guidance and other documents as needed) it will feed the creation of a program. Projects can and will continue at the same time a program is created. Programs will be administered by NetSecOPEN, while labs will do the actual certification testing. Evaluation testing can be conducted against the standard by anyone licensed to use the standard. However, only certified labs will be able to conduct certification testing.

PROJECTS

Building on the work of IETF and other standards bodies, NetSecOPEN is driving standards that clarify how network security product testing should be conducted in light of today's networks.

 

We begin by identifying a project.

 

Next, we develop a test methodology. The methodology includes a set of recommended tests and guidance, including tips for configuring the product's security posture during performance testing.

 

Documentation provides guidance for interpreting testing results. After thorough testing, we submit the proposed standard to the IETF for consideration as a Request for Comment (RFC). 

 

• Blend 70% HTTPS and 30% HTTP

• Over 10,000 unique URLS

• ~1000 unique FQDNs

• ~400 unique Certs

PROJECT ONE

Open Performance Testing Standard for Next-Generation Firewalls

 

Many organizations deploying next-generation firewalls (NGFWs) have been surprised and hampered because they did not know how these devices would affect their networks. Our first project was to develop a NetSecOPEN standard for testing NGFWs and the enterprise perimeter. 

Our next projects include creating standards for technologies

such as load-balancers, web filters, and others. 

NetSecOpen APP DETAIL

Approximately 1000 FQDNs including CDN, sub apps, trackers, etc. Some Application slices have 100+ unique connections.

eastus21-mediap.svc.ms

login.windows.net

loginin.microsoftonline.com

nam.loki.delve.office.com

graph.miscrosoft.com

webdir.online.lync.com

clientlog.portal.office.com

config.edge.skype.com

portal.office.com

webdir0a.online.lync.com

s1-officeapps-15.cdn.office.net

excel.officeapps.live.com

powerpoint.officeapps.live.com

appsforoffice.microsoft.com

s1-excel-15.cdn.office

red.delve.office.com

word-edit.officeapps.live.com

shellprod.msocdn.com

outlook.office365.com

s1-ppowerpoint-15.cdn.office.com

spoprod-1.akamaihd.net

spirent1-my.sharepoint.com

s1-word-edit-15.cdn.office.com

static.sharepointonline.com

swx.cdn.skype.com

r1.res.office365.com

 

 
TESTING USING A REAL WORLD TRAFFIC MIX

Actual enterprise production networks handle thousands of applications, traffic types, and access privileges. To accurately test an NGFW, the traffic mix must be as comprehensive and substantive as possible.

We first created a real-world traffic mix that delivers accurate pictures of the load performance that current security products face. Any traffic mix used for testing current network security products should include the following pillars:

•   70% HTTPS traffic and 30% HTTP traffic 

•  Recreated content from more than 10,000 unique URLs

•  ~1000 unique fully qualified domain names (FQDNs), including CDN, sub-apps, trackers and other connections

•  ~400 unique certificates

DRILLING DOWN INTO THE APP DETAIL: OFFICE 365

Drilling down into more detail about each app, we recreated traffic as realistically as possible. Most apps trigger connections to multiple—sometimes dozens—of URLS in order to handle personal data, gather content, and deliver data to other apps.

 

This Office 365 app slice shows where, and relatively how much, traffic goes.

The NetSecOPEN standard painstakingly recreates traffic destinations from the original FQDN

 

CONTACT

Have questions? Want to know more about where we're going?

  • White Twitter Icon
  • White LinkedIn Icon

© NetSecOPEN