How to Test High-Performance Next-Generation Firewalls

Uploaded on

Testing next-generation firewalls necessitates simulating realistic network conditions to help you validate your enterprise firewall performance, attack detection and blocking while increasing …

Testing next-generation firewalls necessitates simulating realistic network conditions to help you validate your enterprise firewall performance, attack detection and blocking while increasing stability and reliability under extended attack.

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads


Total Views
On Slideshare
From Embeds
Number of Embeds



Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

    No notes for slide
  • Your business is in the middle of a firestorm:Increasing user load and dynamic high bandwidth application trafficSophisticated high-speed network and security devices with bugs and vulnerabilities baked inInsecure “out-of-the-box” configurationsNew zero-day attacks every dayRelentless stream of patches Legacy resource-intensive testing makes it cost-prohibitive to achieve the right balance of performance and security
  • Resiliency: performance, security, stability under real-world network conditions
  • Detection and blocking capabilities under load and under attack
  • Based on a patented breakthrough in network processor-driven innovation, only the BreakingPoint Storm CTM allows anyone to unleash Internet-scale cyberwar in a controlled environment. A single BreakingPoint Storm CTM produces high-performance traffic from hundreds of real-world applications, load from millions of users, and comprehensive security coverage that includes thousands of current attacks and malware, as well as obfuscation and evasion techniques. The product features built-in automation to:Produce a standardized Resiliency Score™ to measure network and data center performance, security and stabilityMeasure the performance of massive virtualized infrastructures in the face of peak user load and attackValidate the accuracy and performance of Lawful Intercept and Data Loss Prevention systemsAnd the architecture of this device makes it futureproof and always current. This means that you can use it to conduct accurate research into cyber conditions – not just today, but for many years to come.Businesses, Governments, and Internet users expect secure, reliable, and fast access to data and communications. When security measures slow network performance, communications are lost, agility is compromised, and billions of dollars are wasted. If security measures are not rigorous, critical information and national security are compromised and costs skyrocket. The goal is to find the optimal balance of security and performance to assure cyber infrastructure resiliency.The enemy of resiliency is network mayhem. Today’s public and private network infrastructures are complex, dynamic, and increasingly vulnerable to network mayhem in the form of cyber attacks, viruses, human error, and escalating traffic from bandwidth-heavy or easily compromised applications such as BitTorrent, Gmail, YouTube, Twitter, iPhone, Skype, and hundreds of others. BreakingPoint creates network mayhem by simulating true global network conditions with a current mix of blended application traffic and live security attacks at live network speeds, as well as traffic from millions of users, to assure resilient networks, Web applications and cloud services. Powered by high-speed network processors and specialized hardware, the BreakingPoint Storm emits high-speed stress vectors composed of a global, custom, and current mix of application and attack traffic. This precision product then images the effects of the stress vectors on a discrete device or a device within a network.
  • Enterprise firewalls understand the application logic, and have a detailed knowledge of the acceptable rules of engagement between the external client and the internal application server. They are thus capable of inspecting the content of each request and response and applying a complex set of rules in order to ensure that the client is not doing anything malicious. The more closely a firewall examines network data, the greater the latency. That’s why it is vital that you validate performance and functionality together both under load and under attack.To test enterprise firewalls that incorporate DPI capability requires an authentic blend of application traffic from applications such as databases, peer to peer traffic, etc. combined with live security strikes, at multi-gigabit speeds. The test environment should emulate a live network environment as closely as possible. BreakingPoint enables the thorough testing of all the components of a Firewall device in a controlled and repeatable manner with realistic application traffic and maximum load conditions. BreakingPoint enables you to simulate different application protocols including a full range of databases, proprietary applications, as well as standard protocols such as HTTP.You can define a variety of settings to validate the WAF under different configurations.The BreakingPoint NP-driven architecture makes it easy to simulate a large number of different clients and server to validate performance under load by simulating thousands or millions of users with over 15 million concurrent TCPsessions BreakingPoint Storm simulates realistic network conditions to help you validate performance, attack detection and blocking, as well as stability and reliability under extended attack.


  • 1. How To Evaluate
    High-Performance Firewalls
  • 2. About Crossbeam
    Crossbeam helps the Global 2000, Service Providers and Government agencies consolidate their security infrastructure.
    Crossbeam’s openplatform - the X-Series - scales linearly and offers best-of-breed security
    Deployed in 10 out of top 11 Service Providers in the world
    Deployed in 1000+ Global Enterprise Companies
    Global operations –
    11 Years Strong.
    • Headquarters: Outside Boston, MA
    • 3. Support & services in over 50 countries
    • 4. 60+ Global Integrators
    • 5. 50+% International Business
    • 6. 13 out of 14 Quarters positive EBITDA
  • L2
    The Crossbeam Virtual Infrastructure
    Crossbeam creates a “Network in a Box”
    • Network Processor Modules
    • 7. Application Processor Modules
    • 8. Control Processing Modules
    The X-Series Platform becomes a “Virtual Infrastructure” integrating both Network Processing & Application Processing
  • 9. The Crossbeam X-Series Portfolio
    The Most Scalable Open Secure Platforms
    • 4-Slot Flexible Chassis
    • 10. Pre-Configured for one application
    • 11. Expandable to 2 applications
    • 12. 5Gbps Backplane Performance
    • 13. 4-Slot Flexible Chassis
    • 14. Pre-Configured for one application
    • 15. Expandable to 2 applications
    • 16. 10Gbps Backplane Performance
    • 17. 7-Slot Modular Chassis
    • 18. Expandable to 5 applications
    • 19. 80Gbps Backplane Performance
    • 20. Single Box HA
    • 21. 14-Slot Modular Chassis
    • 22. Expandable to 10 applications
    • 23. 150Gbps Backplane Performance
    • 24. Single Box HA
  • IT Firestorm Threatens Business Performance
  • 25. Does High-Performance = Resilient?
  • 26. 4 Keys to Evaluating High-Performance Gear: #1
    Real-World Blended Application Traffic
  • 27. 4 Keys to Evaluating High-Performance Gear: #2
    Enable Rules and Commence Attack
  • 28. 4 Keys to Evaluating High-Performance Gear: #3
    Set-Up, and Tear-Down, Connections
  • 29. 4 Keys to Evaluating High-Performance Gear: #4
    Sustaining Connections, During Load
  • 30. How? Attack Thyself!
    Real Attacks
    • 4,500 live security attacks
    • 31. 100+ evasions
    • 32. Malware & Spam
    • 33. DDoS and Botnet simulation
    • 34. Custom attacks
    • 35. Research and frequent updates
    Real World Applications
    • 150+ application protocols
    • 36. Social media, peer-to-peer, voice, video
    • 37. Web and enterprise applications, gaming
    • 38. Custom applications
    • 39. Frequent updates
    Unprecedented Performance with McAfee Firewall Enterprise
    • 40 Gbps blended application traffic
    • 40. 10M concurrent TCP sessions
    • 41. 160,000 connections/second
    • 42. 38 Gbps SSL bulk encryption
  • Validating High-Performance Gear
    High-Performance Network Gear
    150+ Blended
    Application Traffic (ex: HTTP, MySQL, Oracle)
    4500+ Live
    Security Strikes
    Millions of Sessions
    Performance with blended applications
    Performance with security rules enabled
    Ability to set-up AND tear-down connections
    Ability to sustain connections, during load
  • 43. Questions and Answers