Spirent Communications

CyberFlood

Environment

CyberFlood V1D1A

CyberFlood Environment

Spirent Communications

Introduction CyberFlood is a powerful, easy-to-use test solution that generates

thousands of different realistic application traffic scenarios and attacks to test the performance, scalability and security of today’s application aware network infrastructures.

CyberFlood Environment

This Presentation will provide a high level overview of some of the key test types performed within a Layer 4-7 environment and then identify the CyberFlood Tests that map to the types defined.

CyberFlood V1D1A

CyberFlood Environment

Spirent Communications

IntroductionLayer 4-7 Test Environment

• What makes Layer 4-7 testing so important? Besides testing, there really are only a few methods to support decision-making for network deployment (vendor marketing literature, word of mouth, and personal experiences).

• Personal experience provides valuable ideas for effective design and deployment of a network. Even then, proper testing ensures performance objectives are met, unforeseen bottlenecks resolved and costs optimized. As costs rise for technology and implementations, managers seek better returns on investment (ROI) and a reduction in the price of testing. If too much equipment is purchased, the ROI may never be realized. Underprovisioning is equally dangerous. Testing measures the actual performance of the deployment. It discovers bottlenecks, supports increased performance and ensures a company's goals are reached — high ROI, few errors and productivity enhancements.

• There are more than million applications available on app store, android market and Facebook combined.• Content aware devices are enabling www growth. The devices and applications are changing at an extremely

fast pace. Testing these devices and applications is essential.

CyberFlood V1D1A

CyberFlood Environment

Spirent Communications

Network/Security/Application Performance TestingLayer 4-7 Test Environment

Can users post pictures to Facebook?

Will your device allow or deny identified types of Applications?

How much traffic?How does the traffic mix influence

the device?

• Network/Security/Application Performance Testing allows you to verify that your Device/Network can process the key Applications/Attacks as expected under load.

• The edge of the network has become the bottleneck rather than the core. Infrastructure testing focuses in on the network infrastructure components at the edge:

o Firewalls including Next Generation Content Aware devices

o Intrusion detection systems

o VPN Gateways

o SSL Accelerators

o Load balancers and web switches

o Web caches

• L3 devices are not behaving as expected in real life when exposed to L7 traffic.

• Even if the device is not L4-L7 aware, when subjected to L7 traffic, the loading characteristics change which can pose distinct functional and performance problems.

CyberFlood V1D1A

CyberFlood Environment

Spirent Communications

Protocol Performance Testing (HTTP/HTTPs)Layer 4-7 Test Environment

HTTP/HTTPs

How many Open TCP Connections?

How many TCP CPS?

How much Bandwidth?

• Protocol Performance Testing allows you to identify key specification such as the Connection per Second Capacity rate of the Device or Maximum Device Bandwidth for staple protocols such as HTTP and HTTPs.

CyberFlood V1D1A

CyberFlood Environment

Spirent Communications

Protocol Performance Testing (Multiple Protocols)Layer 4-7 Test Environment

• Protocol Performance Testing allows you to identify key specification such as the Connection per Second Capacity rate of the Device or Maximum Device Bandwidth for various Protocols, including custom Protocols.

CyberFlood V1D1A

CyberFlood Environment

Spirent Communications

DDos TestingLayer 4-7 Test Environment

• DDoS Testing allows you identify the impact of DDoS traffic on your Stateful Device while also sending normal traffic..

CyberFlood V1D1A

CyberFlood Environment

Spirent Communications

Protocol FuzzingLayer 4-7 Test Environment

Test DataTo Fuzz

T35_ D{}aT0 F==z

Bit Flipping

• Protocol Fuzzing Testing allows you to identify issues with your Security Devices by providing invalid, unexpected, or random to the inputs of a computer program. The program is then monitored.

CyberFlood V1D1A

CyberFlood Environment

Spirent Communications

Applications/System TestingLayer 4-7 Test Environment

Login Testing

Hardware/Software Evaluation

• System Testing allows you to verify the application performs as expected under load.

• System Testing focuses in on the Server and applications that run on these devices.

CyberFlood V1D1A

CyberFlood Environment

Spirent Communications

• Mix apps and attacks to validate your security infrastructure

• Assess perimeter security with 1000s of attacks

• Thousands of latest apps to create today’s traffic environment

• Emulate malware infected host behavior

Network/Security/Application Performance TestingCyberFlood System

Unique Attributes

Key Test Areas

• Validation and Performance Testing of security & web infrastructure

• Defense against attacks and malware while identifying application traffic

• Supports the functional and performance testing of:

o Web switches and SSL accelerators

o Caches and HTTP proxies

o Firewalls and intrusion detection systems

o Web infrastructures, including web servers Spirent test products address key business issues of the evolving security infrastructure testing: end-to-end and system-level functionality, availability under attack, and impact of security on performance.

• When used for device level testing it provides:

o Functional and performance driven end-to-end security testing using real application traffic such as Facebook or YouTube.

o Offers capacity planning of the devices and the ability to measure the effects of integrated functions.

o CyberFlood can simulate inline Attack traffic to characterize the behavior of the DUT while under attack.

CyberFlood V1D1A

CyberFlood Environment

Spirent Communications

Protocol Performance TestingCyberFlood System

• Tests with line rate stateful traffic

• Create realistic tests with mixed protcol traffic

• Millions of new CPS rate can recreate any high volume surge in traffic

Unique Attributes

Key Test Areas • Protocol Performance Testing of Layer 4 Devices

CyberFlood V1D1A

CyberFlood Environment

Spirent Communications

DDoS TestingCyberFlood System

• Protocol and Volumetric test allow you to against test state exhaustion and network congestion

Unique Attributes

Key Test Areas • Identify the impact of DDoS traffic on your Stateful Device.

CyberFlood V1D1A

CyberFlood Environment

Spirent Communications

Protocol Fuzzing TestingCyberFlood System

• Find zero day vulnerabilities with your Products or Service

• Reproduce issues to confirm software defectsUnique Attributes

Key Test Areas

• Validate the stability of applications, hosts or network devices using Advanced Fuzzing techniques.

• Perform different service and protocol mutation scenarios using Fuzzing

CyberFlood V1D1A

CyberFlood Environment

Spirent Communications

Applications/System TestingCyberFlood System

At the present time, Applications/System Testing is performed using Avalanche Commander.

• When used for system level testing, the Avalanche can interact with live servers including web, application and database servers.

CyberFlood V1D1A

CyberFlood Environment

Spirent Communications

Spirent® Communications, Inc. and its related company names, branding, product names and logos referenced herein, and more specifically “Spirent” are either registered trademarks or pending registration within relevant national laws.

Thank You

CyberFlood V1D1A

CyberFlood Environment

Spirent Communications

INTENTIONALLY BLANK

Spirent Communications

CyberFlood Environment

CyberFlood V1D1A