I often use penetration-testing tools as part of my security evaluations. Most recently, I used Core Security Technologies' Core Impact 5.1 to help assess the effectiveness of Arbor Networks' Peakflow X 3.4 .
Core Impact is a nice tool for contractors and network security staff and is set up to conduct project-by-project pen tests. The results of these tests are stored for each project, so it's easy to see how changes from one run to the next are either improving or compromising network access.
I used Core Impact to automatically launch attacks against the target network, and then I watched to see how quickly Peakflow sensed the attack, warned me that it was happening and then took action to reconfigure network settings so that the Core Impact system would be isolated.
Core Impact wasn't the only tool I tested Peakflow X with—even the simple network management tool WhatsUp Gold from Ipswitch triggered the paranoid (in this case, a good thing) Peakflow X. But to get really down and dirty with simulated attacks, Core Impact is a nice pen-testing tool to have at hand.
Core Impact costs $25,000, including all updates, training and new exploit code, for one year. For more information, go to www.coresecurity.com.
--Cameron Sturdevant
Source: eWeek
http://www.eweek.com/article2/0,1759,1927274,00.as
