The tools below will let you test your security policy. The following tests focus on a specific security domain in the product’s security policy.
Behavior Profile Security Engine Testing Test Code Obfuscation of Malicious Script (COMS) Description: Code Obfuscation is a methodology used by malicious code writers to obfuscate their harmful code.
It uses encryption and encoding in order to garble the original source code, therefore making it harder to analyze.
Guidelines: Click on the link below to test your Behavior profile policy.
If you receive "Security Status: You are safe" message, your Behavior policy is active. If you receive the message "Security Status: You are vulnerable", it means that your Behavior profile engine is not set up properly.
Solution: To prevent this malicious code from entering your network, make sure to enable the [Block Malicious Scripts by Behavior] rule in your security policy.
Links: This demo is based on a known vulnerability in web browsers.
Test JavaScript/vb
Description: JavaScript/VB Script are codes that can be embedded into a webpage to add functionality.
This added functionality and flexibility results in exposure to some security risk.
Description: Java applets are programs designed to execute on another program (usually a web browser).
Since java applets run without user intervention, the JVM (Java Virtual Machine) enforces some limitations upon it. These limitations include writing files to the local computer, reading files, program execution, registry manipulation, and so on.
However, there are some security vulnerabilities (See: CAN-2005-3906) that allow malicious applets to bypass these limitations.
As such, any applet that tries to perform any of the restricted actions should be blocked regardless of the bypass technique, if there are any used. Guidelines: Click on the link below to test your Intrusion Prevention.
If you receive "Security Status: You are safe" message, your Intrusion Prevention is active.
If you receive the message "Security Status: You are vulnerable", it means that your Intrusion Prevention engine is not setup properly.
Solution: To prevent this malicious code from entering your network, make sure to enable your anti-virus service.
URL Filtering Security Engine Testing Test URL Filtering Description: Perform the following test in order to validate weather the URL filtering engine works correctly Guidelines: Click on the link below to test your URL Filtering policy.
The URL below will lead to a site that is categorized as hacking site, and therefore should be blocked. If you receive the Vital Security alert message, your URL Filtering policy is active.
If you get to the actual hacking site, it means that your URL Filtering policy was not setup correctly.
Solution: To prevent this malicious code from entering your network, make sure to enable the Web Content Filter.