Re: [fw-wiz] Real Traffic Testing
From: Luca Berra (bluca_at_comedia.it)
Date: 10/26/03
- Previous message: John Adams: "Re: [fw-wiz] Real Traffic Testing"
- In reply to: Gianpiero Porchia: "[fw-wiz] Real Traffic Testing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Firewall-Wizards <firewall-wizards@honor.icsalabs.com> Date: Sun, 26 Oct 2003 15:37:38 +0100
Gianpiero Porchia wrote:
> Hi,
>
> We are evaluating a new firewall technology. Instead of testing it in a lab,
> we would like to test it in a production environment. The idea should be the
> following:
>
> - Get the production traffic (for example using TAPs)
> - Send the traffic to the new firewall
> - Look at the firewall behaviour
it might work only if:
- FW and FW-test are only dumb packet filters
or
- FW and FW-test are guaranteed to behave in the same way when mangling
packets
but then it might not.... i believe the lab option will give you less
headaches.
> The problems:
> - The traffic is directed to the MAC address of FW, so FW-test will drop it;
you have to change the mac-address of FW-test to match FW
-- Luca Berra -- bluca@comedia.it /"\ \ / ASCII RIBBON CAMPAIGN X AGAINST HTML MAIL / \ _______________________________________________ firewall-wizards mailing list firewall-wizards@honor.icsalabs.com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: John Adams: "Re: [fw-wiz] Real Traffic Testing"
- In reply to: Gianpiero Porchia: "[fw-wiz] Real Traffic Testing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
