Ask the Right Questions When Testing for Malware

In our last blog “Preparing Yourself for a Malware Epidemic,” we discussed the various types of malware and how they spread. In this blog, we’ll discuss some questions that every network manager should ask when testing their own network for malware.

As technology improves, malware attacks are becoming more destructive and harder to detect, costing you valuable time and resources. This means you need to be more vigilant and more prepared for an attack than ever before.

Testing is one important aspect of preventing malware, but a guiding methodology, such as PASS testing, is also necessary for performing tests in the most efficient way possible. When performing malware testing, there are four interdependent variables to consider: performance, availability, security and scale (PASS).

There are some principal questions every network manager should ask when testing for malware, and each can be attributed to one of these variables.

  1. Performance: What is the impact to users, in terms of latency or quality of service (QoS), of your malware prevention mechanisms? While security systems must focus on preventing malware, they shouldn’t hinder user responsiveness. If systems remain free of malware, yet users cannot complete their work in a timely manner, then malware prevention systems are not properly doing their job. Test systems must drive realistic, everyday traffic while also emulating malware attacks to determine whether performance is sufficient.
  2. Availability: When malware causes a device to go into a fail-open or fail-closed state, do critical services go down? Downtime is becoming increasingly unacceptable for most businesses; you must make sure that malware prevention mechanisms don’t compromise the availability of your services. Proper testing will help ensure failover mechanisms are properly working.
  3. Security: Is your malware library up to date, and are your systems able to stop the latest security threats? Approximately 74,000 new strains of malware are created each day. Keeping up can be a challenge, but it is crucial for maintaining a secure network. You must use test solutions that keep up with the most recent high-risk malware.
  4. Scale: How many users can you support while under attack compared to normal conditions? A malware attack can significantly hinder network performance and functionality, so it is important to determine what level of traffic and how many users you can accommodate during a breach. Once again, test systems must support tremendous scale to simultaneously emulate high-volume network attacks and verify that normal users’ traffic levels are sustained.

In order to perform proper security testing, PASS methodology should be followed. This involves asking the right questions across all four PASS variables to ensure that each of these critical areas is accounted for in your malware testing plan. Being aware of how malware can compromise your system is the first step towards prevention, but taking into account each element of PASS testing can take your malware prevention to the next level.
