https://community.cisco.com/t5/network-security/asa-firewall-penetration-testing/m-p/4058817#M1068722 <P>A vulnerability scan is NOT penetration testing. It's sad that professionals would comment/recommend such an action without freaking knowing the difference between vulnerability scanning and penetration testing. Vulnerability scanners are automated tools looks for specific (often known) vulnerabilities in given technologies. Penetration testing is actually performing tests to evaluation vulnerabilities found by scanners, but much more importantly perform tests to compromise systems that are most often not enumerated or disclosed with the scanners.</P> Fri, 03 Apr 2020 23:57:17 GMT rcoleman67 2020-04-03T23:57:17Z https://community.cisco.com/t5/network-security/asa-firewall-penetration-testing/m-p/714792#M978421 <P>Hi forum,</P><P></P><P>Due to SOX requirements, we are supposed to perform penetration testing on the firewall to ensure it is working as accordingly. There are tons of info on the web, I am almost complete novice at this, I would appreciate if you could advise me on how should I go about doing this? I need to write a procedure to do this yearly.</P><P></P><P>Kind regards,</P><P>PN</P> Mon, 11 Mar 2019 10:30:48 GMT https://community.cisco.com/t5/network-security/asa-firewall-penetration-testing/m-p/714792#M978421 paulnigel 2019-03-11T10:30:48Z https://community.cisco.com/t5/network-security/asa-firewall-penetration-testing/m-p/714793#M978425 <HTML><HEAD></HEAD><BODY><P>download Nessus ( <A class="jive-link-custom" href="http://www.nessus.org/" target="_blank">http://www.nessus.org/</A> ) - the free version. It's one of the better scanners for it's price (free). The biggest difference between the free version and the licensed version is updates are delayed a week for the free version. </P><P>lots of good options and tests for TONS of vulnerabilities. </P></BODY></HTML> Fri, 15 Jun 2007 01:43:31 GMT https://community.cisco.com/t5/network-security/asa-firewall-penetration-testing/m-p/714793#M978425 srue 2007-06-15T01:43:31Z https://community.cisco.com/t5/network-security/asa-firewall-penetration-testing/m-p/714794#M978428 <HTML><HEAD></HEAD><BODY><P>There is a GUI frontend which works well once it is configured. YOu can try that too.</P><P></P><P>It is called INPROTECT. Try that out.</P></BODY></HTML> Fri, 15 Jun 2007 06:01:54 GMT https://community.cisco.com/t5/network-security/asa-firewall-penetration-testing/m-p/714794#M978428 anandramapathy 2007-06-15T06:01:54Z https://community.cisco.com/t5/network-security/asa-firewall-penetration-testing/m-p/714795#M978431 <HTML><HEAD></HEAD><BODY><P>Thank you everyone for being so helpful. <span class="lia-unicode-emoji" title=":grinning_squinting_face:">😆</span></P><P></P><P>Thanks much,</P></BODY></HTML> Fri, 15 Jun 2007 06:05:10 GMT https://community.cisco.com/t5/network-security/asa-firewall-penetration-testing/m-p/714795#M978431 paulnigel 2007-06-15T06:05:10Z https://community.cisco.com/t5/network-security/asa-firewall-penetration-testing/m-p/4058817#M1068722 <P>A vulnerability scan is NOT penetration testing. It's sad that professionals would comment/recommend such an action without freaking knowing the difference between vulnerability scanning and penetration testing. Vulnerability scanners are automated tools looks for specific (often known) vulnerabilities in given technologies. Penetration testing is actually performing tests to evaluation vulnerabilities found by scanners, but much more importantly perform tests to compromise systems that are most often not enumerated or disclosed with the scanners.</P> Fri, 03 Apr 2020 23:57:17 GMT https://community.cisco.com/t5/network-security/asa-firewall-penetration-testing/m-p/4058817#M1068722 rcoleman67 2020-04-03T23:57:17Z https://community.cisco.com/t5/network-security/asa-firewall-penetration-testing/m-p/4058888#M1068726 <P><a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/1027948">@rcoleman67</a> this thread is 13 years old. The state of maturity in the pen testing world is a bit different now than it was in 2007.</P> Sat, 04 Apr 2020 03:54:57 GMT https://community.cisco.com/t5/network-security/asa-firewall-penetration-testing/m-p/4058888#M1068726 Marvin Rhoads 2020-04-04T03:54:57Z