Fine-Tuning the Evaluation

This chapter completes the technical portion of the INFOSEC Evaluation Methodology (IEM). It covers the evaluation and analysis of all network devices, including firewalls, routers, and IDSs, as well as password-compliance testing (also known as password cracking). The chapter also discusses application-specific scanning and the way it supplements the results from the vulnerability scans and host evaluations, and it examines network protocol analysis and its role in the IEM. The IEM uses two approaches to network device analysis and evaluation. The design approach is an evaluation of the design of the organization's perimeter and defenses. The technical approach is a technical evaluation of the various perimeter device configurations and settings.