UL 2825 assesses network-product resiliency

Feb. 24, 2011
Servers, routers ad other network equipment will be tested for heavy traffic and security attacks.

Underwriters Laboratories (UL) recently announced UL 2825, which is a framework for certifying resiliency in network products used in LANs and data centers. When announcing the framework, UL noted it is a response to legislation already enacted in one state, pending in others, and potentially set for consideration on a federal level.

UL 2825 covers servers, routers, firewalls, universal threat management devices, intrusion prevention systems and converged network server equipment.

The organization explained, "New IT security legislation introduced in the state of Texas enacted an IT infrastructure resiliency law in 2010 designed to hold IT device manufacturers accountable for product claims through an independent and thorough validation certification process. Pending legislation in several other states, as well as possible attention at the U.S. federal government level, will require independent resiliency certification of network and security products."

UL 2825 provides requirements under which "network infrastructure devices are evaluated against published vulnerabilities that affect a particular device," UL says. "The device is expected to continue to operate as intended while subjected to exploits of published vulnerabilities." The testing lab has said it has chosen BreakingPoint cyber tomography machines (CTMs) to use when testing to UL 2825. "We felt that BreakingPoint provided the product, solutions and security experience to best meet our needs," said UL's commercial director of operations for life safety and security industries Bob Jamieson.

When announcing the framework, UL also described what it will take for a device to achieve certification. Specifically, a device will be subjected to the following.

  • Internet-scale network conditions including high-stress user load
  • Real-world application traffic
  • Live security attacks, updated monthly.

Measurements of the device-under-test's resiliency will be taken and compared to the manufacturer's published metrics. For devices that meet appropriate requirements, UL will publicize certification results. "This system of evaluation is ideal for equipment manufacturers to certify the resiliency of all products, as well as each time that product undergoes an update," UL said.

Sponsored Recommendations

Cat 6A Frequently Asked Questions

April 29, 2024
At CommScope we know about network change and the importance of getting it right. Conclusion Category 6A cabling and connectivity.

Revolutionize Your Network with Propel Fiber Modules

Oct. 24, 2023
Four sizes of interchangeable Propel fiber modules provide the breadth of capabilities for virtually any configuration.

Elevate Your Network with Propel High-Density Panels

Oct. 24, 2023
Propel Series Sliding Fiber Optic Panels

Constellation™ - Explore power and data products

Oct. 24, 2023
Discover the Essentials for Building Your Power and Data System!