Spirent circle logo

It’s Time for Unbiased Security Device Testing


Enterprise security management was never easy. But now a confluence of new realities is making it harder than ever to keep a step ahead of bad actors. Learn about the latest community efforts to level the security testing playing field.

The office perimeter now knows no bounds, stretching to couches and coffee shops as workers take advantage of remote options using mostly unsecured internet access. Cloud applications use is pervasive – the edge is now very much part of the corporate network. More devices are rolling out and mission critical workloads are being deployed in new networks. Security requirements are stacking up.

New security approaches like Zero Trust and Secure Access Service Edge (SASE) promise progress, but it seems as soon as one challenge is solved, another arises.

Vendors are racing to pack more and more capabilities into security solutions, driving product complexity to new heights. There are now upwards of 4,000 cybersecurity vendors serving a crowded, confusing market where it’s becoming harder than ever for end customers to assess and validate one provider versus another.

How can enterprises be sure they’re selecting security products that can actually keep up with changing needs and protect against the latest threats? What criteria should be uses to select one vendor over another?

These questions all point to one reality: It’s time for unbiased product testing that can keep up with an ever-changing security environment and provide objective benchmarking based on real-world conditions. Vendor self-tested configurations or traffic types designed to make a product look its best will no longer fly.

NetSecOPEN is answering the calls for help cutting through the confusion.

Leveling the security test playing field

NetSecOPEN is a community effort among industry leading test companies, vendors, and test labs, to create standardized network security and device performance test criteria, and reporting for enterprise buyers. In this open, transparent environment, there are no secrets about what is being tested or the test and device configurations. This should be welcome news for confounded enterprise buyers.

NetSecOPEN welcomes vendors to choose a lab to certify devices against the NetSecOPEN specifications. Certification reports are published on the NetSecOPEN website and publicly available. The vendor test configuration information is also made available so tests results can be reproduced by others.

As a neutral party, NetSecOPEN test results are unbiased, leveling the playing field, thus simplifying buyer decision-making.

Where NetSecOPEN is heading

NetSecOPEN is expanding its common test criteria to address the wide-ranging performance and security aspects of what network security devices are now being expected to do.

Importantly, NetSecOPEN is specifying generalized performance criteria on encrypted and non-encrypted domains. While it’s good news that 80-90% of all traffic is now encrypted, this makes it harder for devices to live up to performance claims. This has made testing encrypted domains critical.

In addition to testing general performance, devices are now subjected to myriad real-world traffic mixes from a variety of vertical industries. NetSecOPEN is creating performance test specification building blocks that align with the distinct needs of specific industries, such as healthcare, education, and a growing list of others. While the test criteria will not cover niche cases that would be specific to a given company, they will provide baseline requirements—based on actual customer experiences—for enterprises in that industry.

Emerging test criteria is also addressing a much broader set of attack and malware elements, such as including assessing with hacker evasion techniques, as well as security testing under load requirements, to understand how well devices and security policies detect and evade these difficult-to-discern and very real-world situations.

Security complexity isn’t going away, but enterprises should find relief in the wake of NetSecOPEN’s evolving test and validation initiatives.

Learn more about NetSecOPEN

Spirent is a founding NetSecOPEN member and believes strongly that open, collaborative, objective approaches to security and performance validation—not proprietary test suites—are essential for products and services to evolve as quickly as the security landscape.

NetSecOPEN test methodologies are made available within Spirent CyberFlood application and security assessment solution. Learn more about Spirent security device and performance validation capabilities.

Get latest updates on NetSecOPEN activities in this Dark Reading report.

Like our content?

Subscribe to our blogs here.

Blog Newsletter Subscription

Mike Jack
Mike Jack

Sr. Manager Security Solutions Product Marketing

Michael Jack is senior manager of Product Marketing of Spirent Communications’ applications and security solutions portfolio. With 20 years of working in the data communications industry and over 15 years working for networking test and measurement organizations. At Spirent Communications Michael works with the Product Management team to define, produce and deliver cutting edge Applications and Security testing solutions for Network Equipment Manufactures, Enterprises, and Services Providers. Michael has presented at numerous industry events and has worked in Product Marketing and Management capacities at a diverse number of networking companies including Thomas-Conrad, UB Networks, Newbridge Networks, Compaq, and Antara.