BreakingPoint Storm CTM™

Is Your Network Infrastructure Resilient Against
Attack and High-Stress Application Traffic?
BreakingPoint Storm CTM™

                                                                                        The B...
Upcoming SlideShare
Loading in …5

BreakingPoint Storm CTM - The Alternative to Costly and Complex Cyber Range Data Sheet


Published on

BreakingPoint Storm CTM - The Alternative to Costly and Complex Cyber Range Data Sheet

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

BreakingPoint Storm CTM - The Alternative to Costly and Complex Cyber Range Data Sheet

  1. 1. BreakingPoint Storm CTM™ Is Your Network Infrastructure Resilient Against Attack and High-Stress Application Traffic? The BreakingPoint Storm CTM™ finds previously impossible-to-detect stress fractures in your network, network devices or data center before they are exploited The BreakingPoint Storm CTM is a Cyber Tomography Machine designed for the world in which we live—a perilous interconnected universe with escalating network traffic and cyber attacks from a growing list of enemies. It is the only product that allows you to pinpoint previously impossible- to-detect weaknesses and vulnerabilities in network components such as routers, switches, firewalls, servers and data centers before they can be exploited to wreak havoc within your critical network infrastructure. Why Cyber Tomography? Why Now? While the term Cyber Tomography may sound unusual to describe a cybersecurity product, consider the following analogy. X-ray Computed Tomography (CT)—or the medical CAT scan—was a breakthrough that allowed physicians to visualize the inner workings of the complex human Enterprises, government agencies and contractors, service providers and body under stress to detect impossible-to-see abnormalities. network equipment manufacturers at the forefront of the war on cyber Much like a CAT scan requires the injection of dyes and the emission of crime rely on BreakingPoint products and expertise to: waves of energy into the body, BreakingPoint’s Cyber Tomography Machine • Harden Network Infrastructures: Assault network infrastructures (CTM)—the BreakingPoint Storm CTM—emits extreme application and with a custom, global and current blend of stateful applications, live malicious traffic into network devices and systems while recording and security attacks and extreme high stress load to measure resiliency. displaying the effects over time. Based on a breakthrough in network Gain visibility into never-before-seen areas of your network, probing processor technology and a future-proof product architecture, only every weakness and vulnerability to pinpoint hidden stress fractures. BreakingPoint Storm CTM can provide this unprecedented insight by • Optimize Data Center Resiliency: Simulate the behavior of producing these real-world conditions: millions of users, a crush of real-world application traffic and live • A custom blend of stateful application and malicious traffic for your security attacks to ensure data centers will be resilient under hostile network at 40 gigabits per second conditions—all without the need to deploy racks of high-speed • An always current real-world mix of applications and attacks servers and costly software. • Evaluate Network Equipment: Evaluate and select the most • Unprecedented scalability producing true global network scenarios appropriate network equipment for your infrastructure with and traffic from millions of users standardized, repeatable and deterministic product assessments. With the ability to simulate those real world conditions at these Measure and harden the resiliency of routers, switches, firewalls, IPS, performance levels, only the BreakingPoint Storm CTM can truly measure UTM and other devices by subjecting them to real-world conditions the resiliency and accuracy of products that rely on deep packet inspection prior to deployment and after patches or configuration changes. (DPI) technology—network devices, lawful intercept systems, data loss • Maintain Resiliency and Compliance: Identify network devices or prevention solutions and more. By measuring the resiliency—performance, systems that would benefit from tuning and configuration changes. security and stability—of discrete network components under high-stress Audit and maintain standards compliance throughout the lifecycle of hostile conditions, BreakingPoint enables you to find the hidden stress network devices and systems. fractures lurking within your critical network. • Research and Train Security Experts: Recreate global-scale network Comprehensive Applications, Attacks, Service and Support conditions and the ever-changing threat landscape. Analyze the BreakingPoint also offers the BreakingPoint Application and Threat impact of traffic on network devices and systems to conduct research Intelligence (ATI)™ Program, an all-in-one service backed by a team of and train the next generation of security experts. security experts. This program keeps your BreakingPoint Storm CTM updated with the latest security attacks and applications, as well as new Learn More Inside >> product features and performance upgrades as they are released.
  2. 2. BreakingPoint Storm CTM™ The BreakingPoint Storm CTM measures how your network or data center will weather cyber attack or the stress of high-volume traffic with: BreakingPoint Storm CTM Cybersecurity Advantages Real-World Application and Network Profiles Comprehensive: Simulates Real-World Scenarios • Preconfigured stateful application traffic profiles for a range of networks: The BreakingPoint Storm CTM provides comprehensive simulations for any mobile, service provider, enterprise, government, higher education and situation: others • Network Profiles – Use preconfigured traffic profiles to represent • Blend of more than 130 global applications, such as AOL® IM, Google® a range of network scenarios—wireless, global service provider, Gmail, FIX, Gnutella, IBM DB2, VMware® VMotionTM, HTTP, Microsoft® enterprise, government and others. CIFS/SMB, MAPI, Oracle, Encrypted BitTorrent™, eDonkey, MSN® Nexus, • Application Simulator – Measure the ability of a network device to RADIUS, SIP, SkypeTM, Windows Live Messenger, World of Warcraft®, accurately process a variety of application layer traffic flows. Yahoo!® Mail, Yahoo!® Messenger and many others • Client Simulator – Measure the ability of a server or server farm to • No performance degradation with blended protocols efficiently handle extreme traffic volume by simulating the behavior • Stateful recreate of captured traffic, including industry-leading two of millions of concurrent users. Gigabytes of capture buffer per port • Security – Subject a device to thousands of unique security attacks to • Optional Custom Application Toolkit for proprietary applications validate blocking capabilities or confirm the stability of devices. • Session Sender – Measure the ability of a device to handle concurrent Live Security Attacks TCP sessions by creating and maintaining large numbers of valid TCP • Searchable library of more than 4,500 live security attacks and frequent sessions with contrived data. updates • Stack Scrambler – Measure the ability of a device to operate in the • Only comprehensive Microsoft® Tuesday coverage face of invalid IP, UDP and TCP packets produced by fuzzing. • More than 80 evasions to validate common security defenses • Optional Custom Strike Toolkit for custom attacks • Recreate – Capture and recreate traffic flows that are independent of network topology. All-in-One Application and Threat Intelligence • Routing Robot – Measure the ability of a device to correctly route IP • The latest attacks and applications as well as new product features, packets by producing IP packets with a UDP payload. upgrades, maintenance, service and support Realistic and Adaptive: More than 4,500 Security Attacks and • Backed by dedicated Application and Threat Intelligence team 130 Applications with Frequent Updates The BreakingPoint Storm CTM adapts to the ever-changing cyber landscape Deep Packet Inspection (DPI), Data Loss Prevention, Anomaly Detection with the latest real-world applications and live security attacks. and Lawful Intercept Validation • Live Security Attacks – With security in our DNA, BreakingPoint • DPI validation using needle-in-a-haystack scenarios provides an extensive and always current library of 4,500 realistic • Ability to embed anomalous traffic patterns and multilingual keywords security attacks with updates published by our dedicated team of into tens of millions of data streams in-house security researchers. Using advanced security coprocessor technology, these attacks are randomized, obfuscated, and Easy to Use, Easily Scalable undetectable by trivial pattern-matching Intrusion Prevention System • Intuitive object-oriented user interface for creating realistic simulations (IPS) algorithms. • Wizard-like labs for accelerating configuration • Microsoft® Tuesday Updates – Ensure your network or device is fully • Ability to scale to unlimited performance levels covered with full Microsoft Tuesday coverage. • Real-World Applications – Select and blend stateful application Unprecedented Performance from a Single Chassis traffic from a library of more than 130 of the world’s most popular • 40 Gbps of stateful application traffic applications: AOL® IM, Google® Gmail, FIX, Gnutella, IBM DB2, • 80,000+ SSL sessions per second from a single chassis VMware® VMotionTM, HTTP, Microsoft® CIFS/SMB, MAPI, Oracle, • 30 million concurrent TCP sessions Encrypted BitTorrent™, eDonkey, MSN® Nexus, RADIUS, SIP, SkypeTM, • 1.5 million TCP sessions per second Windows Live Messenger, World of Warcraft®, Yahoo!® Mail, Yahoo!® • 600,000 steady state complete TCP sessions per second Messenger and many others. Comprehensive IPv6 Compliance Validation • Custom Toolkits – Optional Custom Toolkits accelerate attacks and • Most current and complete IPv4/IPv6 dual-stack unique/proprietary protocols.
  3. 3. BreakingPoint Storm CTM™ Fast: Emits High-Stress Traffic Composed of Millions of Users, 40 Gb of Stateful Applications and 80,000 SSL Sessions Per Second BreakingPoint Storm CTM emits a high-speed mix of hundreds of application protocols, thousands of security attacks and millions of users to measure the resiliency of your network infrastructure against attack and high-stress load. • High-Speed Blended Application Traffic – Assault network devices and networks with up to 40 Gigabits per second (Gbps) of stateful application traffic in a single chassis. • Network Processor–Based Architecture – Reach unprecedented throughput levels with the only solution architected for performance, realism and responsiveness using a patent-pending network processor–based platform. The native 64-bit architecture delivers unparalleled performance in a single 3-slot chassis: • 40 Gbps of stateful application traffic • 80,000+ SSL sessions per second from a single chassis • 30 million concurrent TCP sessions • 1.5 million TCP sessions per second • 600,000 steady state complete TCP sessions per second • 1GigE and 10GigE Interfaces – Mix or match your choice of an 8-port 1GigE or 4-port 10GigE BreakingPoint Storm CTM Application Manager interface card. Choose from more than 130 applications and tailor each protocol and simulation to your exact needs. • Scalable – Scale to enormous performance levels with multiple chassis using a single user interface, one configuration and integrated reporting. Easy to Use, Scale and Update: Provides Extensive Automation, Preconfigured Labs and Intuitive User Interface The BreakingPoint Storm CTM makes it easy to reuse scenarios, parameters and application settings, run concurrent independent simulations and even perform all features via the Tcl API. Create and modify complex evaluations and measurements without the need for time- consuming scripting and reduce configuration time to a matter of minutes. • Simulation Labs – Streamline configuration with a library of preconfigured simulations that combine all of the elements needed for many common product assessments, including: • BreakingPoint Resiliency Score™ • RFC 2544 Validation Lab • Mobile Network Optimization • Session Sender Lab • Device Control and Automation – Connect directly to a network or data center device to BreakingPoint Storm CTM Intuitive User Interface Create and modify complex simulations with built-in automation, gather performance and security measurements without the need for a separate switch. preconfigured labs and an intuitive user interface. • Simulation Import/Export – Enable multiple users to share and reuse scenarios for a range of devices with an easy-to-use bulk Import/Export functionality. • Real-Time Statistics – Immediately visualize measurement data during the evaluation. • Extensive Reporting – Generate comprehensive and configurable reports, in Web/PDF format or as raw data, that provide insight and analysis to staff at all levels. Automatically produce detailed reports to streamline remediation efforts. • ATI Program for Updates, Service and Support – Automatically receive the latest attacks, applications and operating systems upgrades at no additional cost, as well as access to comprehensive service and support. • Network Neighborhood – Unique within the industry, the BreakingPoint Storm CTM advanced BreakingPoint Storm CTM Strike Database user interface separates application simulation components from a particular network topology, Search for the live security attacks you need, save them in a smart list making it simple to scale and to reconfigure simulations around new requirements. This object- and it will automatically update with the latest attacks that fit your oriented user interface eliminates complexity and makes it easy to reuse parameters and original search criteria. application settings by layering them on top of easily reconfigured network topologies.
  4. 4. BreakingPoint Storm CTM™ • Multi-Simulation – Conduct up to 16 concurrent simulations for maximum productivity, and add multiple users with varying privileges. • Scalable Simulation – Scale to enormous performance levels by linking multiple BreakingPoint Storm CTMs using a single user interface, configuration and integrated reporting. • Tcl API – Build your own sophisticated scenarios with our full-featured The BreakingPoint Resiliency Score programmatic Tcl interface. Certification for performance and security is nothing new. In fact, Repeatable, Deterministic and Scientific: Leverage Proven we have come to expect it for everything from our phones to our Methodologies, Repeatable Labs and Pseudo Random Number automobiles. Yet cyber infrastructure equipment, which supports Generation our businesses and governments, has no standardized certification The BreakingPoint Storm CTM features prepackaged simulation labs for standardized for performance and security. and repeatable assessments. The product also supports pseudo random number Instead we rely on statements generation (PRNG) to ensure that randomized components of a simulation can be made in product marketing repeated. The BreakingPoint Storm CTM is also the only product to provide a Resiliency literature, which are based on Score Lab, a repeatable, deterministic and scientific score of a device’s performance, best-case scenarios, not real- security and stability over time. world truths. Organizations • Prepackaged and Repeatable Simulation Labs – Leverage preconfigured want measurable answers, not simulation labs that require minimal modification to streamline setup and assurances, when it comes to tedious configuration changes. cybersecurity. • Pseudo Random Number Generation (PRNG) – Produce random yet repeatable traffic simulations using a PRNG seed. PRNG ensures that even the randomized The BreakingPoint Resiliency components of a simulation sequence may be repeated identically across Score replaces marketing multiple cycles. assurances with the measurable answers needed to harden cyber infrastructure against attack • BreakingPoint Resiliency Score™ – Use the standardized Resiliency Score Lab and peak application load. Using BreakingPoint Resiliency Score, for a deterministic, scientific and easy-to-use evaluation mechanism for the available within the BreakingPoint Storm CTM, enterprises, service performance, security and stability of networking devices. With virtually no providers and government agencies can evaluate equipment using an configuration effort, users can easily compare the resiliency of numerous objective, repeatable and scientifically measured certification of the networking devices or highlight scoring trends over time, holding their performance, security and stability of any network or network device. equipment vendors accountable for performance and security weaknesses. The BreakingPoint Resiliency Score is a highly automated, relevant and reproducible scoring mechanism that measures the resiliency of a network or network device under real-world application traffic, real-time security attacks, heavy user load and other methods. The BreakingPoint Resiliency Score lets you: • Conduct standardized, deterministic and repeatable bake-offs to evaluate vendor performance and security claims • Identify deployments that are inherently less resilient and establish risk models for managed security service engagements • Institute and consistently analyze accurate liability models • Create tiered pricing models that take into account the liability and risk models The BreakingPoint Resiliency Score • Identify and remediate security and performance degradation over A standardized and highly-automated means to measure and deterministically time to ensure ongoing resiliency score the performance, security and stability of networking devices. • Right-size your infrastructure by evaluating resiliency based on deployment scenarios • Make more informed network device and service purchase decisions
  5. 5. BreakingPoint Storm CTM™ All Inclusive: Stay Current With The Application and Threat Intelligence (ATI) Program BreakingPoint products are architected to adapt rapidly to change. That is the only way to ensure networks will maintain ongoing resiliency against attack. BreakingPoint continuously introduces security strikes and applications from BreakingPoint Labs through our Application and Threat Intelligence (ATI) service and support program. The only research team of its kind, the BreakingPoint ATI team is a dedicated group of security researchers and application protocol engineers committed to keeping the BreakingPoint Storm CTM completely current. The research team provides frequent strike and protocol BreakingPoint ATI Program updates and is on call to provide users with requested protocols, often in a matter of Keep your simulations current with the very latest live security attacks, hours. The combination of the BreakingPoint Storm CTM and up-to-date security strikes real-world applications and features automatically updated to your and protocols enables you to find critical cyber infrastructure vulnerabilities before it is BreakingPoint Storm CTM. too late. Additional Options • BreakingPoint Custom Application Toolkit: Write and accelerate your own proprietary applications. • BreakingPoint Custom Strike Toolkit: Develop and accelerate custom security attacks. • BreakingPoint Multi-Test License: Conduct up to 16 concurrent simulations for maximum productivity. BreakingPoint Storm CTM Technical Specifications System Configuration • 3-slot chassis with 1 system controller • Up to 2 interface cards per chassis; options include: • 10GigE interface card • Four 10GigE ports • XFP interface • Two Gigabytes of capture buffer per port • 1GigE interface card • Eight 1GigE ports The BreakingPoint Storm CTM • SFP interface 3-slot chassis is available with a 10GigE or 1GigE interface card and can be seamlessly • One Gigabyte of capture buffer per port connected to additional chassis’ for unlimited performance scalability. Physical Specifications • Rack Units: 4 • Installed: 17.4 in W x 7 in H x 19.5 in D (Metric: 44.2 cm W x 17.8 cm H x 49.8 cm D) • Shipping Weight: 45 lbs. (20.4 kg) • Operating Environment: 15O C to 40O C • Non-Operating Environment: -20O C to 70O C • Power Requirements: 100-240V, 50/60 Hz • Maximum Power Consumption: 1200W • Regulatory Approvals: FCC Class A, CE, EN60950
  6. 6. BreakingPoint Storm CTM™ Partial List of More than 130 Real-World Applications In addition to more than 4,500 live security attacks, the BreakingPoint Storm CTM supports a growing portfolio of more than 130 applications, with new applications and security attacks added frequently. Visit for the most up-to-date list. AUTHENTICATION DATA TRANSFER / FILE SHARING PEER-TO-PEER TELEPHONY DIAMETER IPP Applejuice MM1 RADIUS Accounting NetBIOS BitTorrent™ Peer H.323 RADIUS Access NFS BitTorrent Tracker SMPP SMB/CIFS Encrypted BitTorrent CHAT SMB v2 eDonkey™ TESTING AND MEASUREMENT AOL® IM Gnutella™ Leaf Chargen AIM6 Keyserver DISTRIBUTED COMPUTING Gnutella Ultrapeer Daytime AIM6 Rendezvous Citrix PPLive Discard AIM6 Switchboard DCE/RPC QQLive Echo IRC VMware® VMotion™ WinNY OWAMP Control Jabber OWAMP Test MSN Dispatch EMAIL REMOTE ACCESS QOTD MSN Nexus AOL Webmail RDP TWAMP Control Oscar Google® Gmail REXEC TWAMP Test QQ IM GMX Webmail & Attachment RFB Windows Live Messenger Hotmail & Attachment RSH VOICE / VIDEO Yahoo!® Messenger IMAP RLogin H.225.0 POP3 Telnet H.225 RAS DATABASES SMTP H.245 IBM DB2® Yahoo Mail & Attachment SECURE DATA TRANSFER MMS MM1 Informix® HTTPS RTP Microsoft SQL® ENTERPRISE APPLICATIONS SSH RTP Unidirectional Stream MySQL Endpoint Mapper RTCP Oracle® Exchange Directory SOCIAL NETWORKING RTSP PostgresSQL MAPI Exchange Twitter™ SIP Sybase® SAP® Skype TDS SYSTEM/NETWORK ADMIN. SkypeTM UDP Helper TNS FINANCIAL DNS SMPP FIX IDENT STUN DATA TRANSFER FIXT Finger FTP LDAP Gopher GAMES NTP HTTP World of Warcraft® RPC Bind NNTP RPC Mount RSync SNMP TFTP Sun® RPC Syslog Time
  7. 7. BreakingPoint Storm CTM™ About BreakingPoint Contact BreakingPoint BreakingPoint pioneered the first and only Cyber Tomography Machine (CTM) to Learn more about BreakingPoint products and expose previously impossible-to-detect stress fractures within cyber infrastructure services by contacting a represenative in your area. components before they are exploited to compromise customer data, corporate assets, 1.866.352.6691 U.S. Toll Free brand reputation and even national security. BreakingPoint cybersecurity products are the standard by which the world’s governments, enterprises, and service providers optimize the resiliency of their cyber infrastructures. For more information, visit www. BreakingPoint Global Headquarters 3900 North Capital of Texas Highway BreakingPoint Storm CTM Austin, TX 78746 BreakingPoint has pioneered Cyber Tomography with the introduction of the email: BreakingPoint Storm CTM, enabling users to see for the first time the virtual stress tel: 512.821.6000 fractures lurking within their cyber infrastructure through the simulation of crippling toll-free: 866.352.6691 attacks, high-stress traffic load and millions of users. BreakingPoint Government Solutions Group BreakingPoint Storm CTM is a three-slot chassis that provides the equivalent email: performance and simulation of racks and racks of servers, including: tel: 703.443.1501 • 40 Gigabits per second of blended stateful application traffic • 30 million concurrent TCP sessions BreakingPoint EMEA Sales Office Paris, France • 1.5 million TCP sessions per second email: • 600,000+ complete TCP sessions per second tel: + 33 6 08 40 43 93 • 80,000+ SSL sessions per second • 130+ stateful applications BreakingPoint APAC Sales Office • 4,500+ live security strikes Suite 2901, Building #5, Wanda Plaza No. 93 Jianguo Road BreakingPoint Resources Chaoyang District, Beijing, 100022, China Hardening cyber infrastructure is not easy work, but nothing that is this important has email: ever been easy. Enterprises, service providers, government agencies and equipment tel: + 86 10 5960 3162 vendors are under pressure to establish a cyber infrastructure that can not only repel attack but is resilient to application sprawl and maximum load. BreakingPoint’s Cyber Tomography Machine (CTM) provides the technology and solutions that allow these organizations to create a hardened and resilient cyber infrastructure. BreakingPoint also provides the very latest industry resources to make this process that much easier, including Resiliency Methodologies, How-to Guides, white papers, webcasts, and a newsletter. To learn more, visit BreakingPoint Application and Threat Intelligence Community Join discussions on the latest developments in application and threat intelligence. BreakingPoint Labs brings together a diverse community of people leveraging the most current insight to harden cyber infrastructure to withstand crippling attack and high-stress application load. Visit © 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc. 7 All other trademarks are the property of their respective owners.