Guest Lecture on Quality aspect of network security product testing

By Administrator 123erty

Published On: July 25, 2017Categories: Student's Blog0 Comments on Guest Lecture on Quality aspect of network security product testing

SCIT ISACA student group arranged a guest lecture on 23rd July 2017 regarding quality aspect of network security product testing. Speaker of the guest lecture Mr. Sabu Thaliyath is currently a Test Manager at Quick Heal Technologies Ltd. He started his lecture with basic question, “What is network security?” and went on exploring its components with quality aspect regarding their performance and impact on the system.

He specified that there are three aspects of network security – Hardware, Software and Policy. Various security modules at various levels work together to provide secure network for users. He explained working of Firewall, Anti-Malware, IDS- Intrusion Detection System, IPS- Intrusion Prevention System, URL categorization and VPN- Virtual Private Network in brief. Every network can be secured by unified working of these security modules but there are certain boundaries of each security module and also each separately costs on performance. Therefore Unified Threat Management (UTM) system emerged as a comprehensive security product which is able to implement multiple security functions within one single system.

He explicated that quality aspect of any security system is mainly determined by two characteristics, functionality and performance. Each module of security system inspects traffic and take decision. Quality of each module is tested based on how they work? And how fast they are? The combined performance of modules is also tested. He said that the firewall which mainly deals with packet filtering based predefined rules has high impact on performance. Anti-malware checks for matching signatures against signatures of known viruses. It has medium impact. IDS and IPS detects, alerts and prevents attacks. He gave an example of DDoS. In case of DDoS- Distributed Denial of Service attack a Pre-DoS may be used by a Master to trigger attack. This attack can be detected by IDS/IPS when traffic pattern towards port no. 27665 is analysed. Preventive measures are taken but again IDS/IPS has huge impact on performance. URL categorization has less impact of end users and VPN has high CPU use for encryption and decryption.

He quantified that throughput with respect to bandwidth is the main measure to test network security system performance. He mentioned that other quality aspects such as user performance, security testing of product itself, logging and reporting are also important. Throughout the lecture student asked their queries and he answered them very well. Overall session was erudite and students fostered a unified approach toward network security.

Related Posts
Unveiling Cloud-Native Application Development: Innovations, Benefits, and Hurdles
Unveiling Cloud-Native Application Development: Innovations, Benefits, and Hurdles

Unveiling Cloud-Native Application Development: Innovations, Benefits, and Hurdles

February 4, 2024|0 Comments
Unlocking the Secrets of Cybersecurity: A Journey with Mr. Sankha Chakraborty
Unlocking the Secrets of Cybersecurity: A Journey with Mr. Sankha Chakraborty

Unlocking the Secrets of Cybersecurity: A Journey with Mr. Sankha Chakraborty

January 18, 2024|0 Comments
Navigating the Challenges of Reinforcement Learning
Navigating the Challenges of Reinforcement Learning

Navigating the Challenges of Reinforcement Learning

January 12, 2024|0 Comments
Navigating the Future: Advanced Database Management Systems in the Era of Big Data Analytics
Navigating the Future: Advanced Database Management Systems in the Era of Big Data Analytics

Navigating the Future: Advanced Database Management Systems in the Era of Big Data Analytics

January 10, 2024|0 Comments
The Significance of Explainable Artificial Intelligence (XAI) in Critical Applications
The Significance of Explainable Artificial Intelligence (XAI) in Critical Applications

The Significance of Explainable Artificial Intelligence (XAI) in Critical Applications

December 30, 2023|0 Comments
8TH Edition of Integrity and Ethics Conclave
8TH Edition of Integrity and Ethics Conclave

8TH Edition of Integrity and Ethics Conclave

December 20, 2023|0 Comments
Guest Lecture on Introduction to IT Service Management
Guest Lecture on Introduction to IT Service Management

Guest Lecture on Introduction to IT Service Management

November 22, 2023|0 Comments
Managing Third Party Risks and its Governance
Managing Third Party Risks and its Governance

Managing Third Party Risks and its Governance

November 16, 2023|0 Comments
Scrum vs Kanban: Choosing the Right Agile Methodology for Your Project
Scrum vs Kanban: Choosing the Right Agile Methodology for Your Project

Scrum vs Kanban: Choosing the Right Agile Methodology for Your Project

November 16, 2023|0 Comments

Recent Post