How to Test High-Performance Next-Generation Firewalls


Testing next-generation firewalls necessitates simulating realistic network conditions to help you validate your enterprise firewall performance, attack detection and blocking while increasing stability and reliability under extended attack.

Published in: Technology
  • Your business is in the middle of a firestorm: increasing user load and dynamic high-bandwidth application traffic; sophisticated high-speed network and security devices with bugs and vulnerabilities baked in; insecure “out-of-the-box” configurations; new zero-day attacks every day; a relentless stream of patches. Legacy resource-intensive testing makes it cost-prohibitive to achieve the right balance of performance and security.
  • Resiliency: performance, security, stability under real-world network conditions
  • Detection and blocking capabilities under load and under attack
  • Based on a patented breakthrough in network processor-driven innovation, only the BreakingPoint Storm CTM allows anyone to unleash Internet-scale cyberwar in a controlled environment. A single BreakingPoint Storm CTM produces high-performance traffic from hundreds of real-world applications, load from millions of users, and comprehensive security coverage that includes thousands of current attacks and malware, as well as obfuscation and evasion techniques. The product features built-in automation to:
      • Produce a standardized Resiliency Score™ to measure network and data center performance, security and stability
      • Measure the performance of massive virtualized infrastructures in the face of peak user load and attack
      • Validate the accuracy and performance of Lawful Intercept and Data Loss Prevention systems
And the architecture of this device makes it futureproof and always current. This means that you can use it to conduct accurate research into cyber conditions – not just today, but for many years to come.
Businesses, governments, and Internet users expect secure, reliable, and fast access to data and communications. When security measures slow network performance, communications are lost, agility is compromised, and billions of dollars are wasted. If security measures are not rigorous, critical information and national security are compromised and costs skyrocket. The goal is to find the optimal balance of security and performance to assure cyber infrastructure resiliency.
The enemy of resiliency is network mayhem. Today’s public and private network infrastructures are complex, dynamic, and increasingly vulnerable to network mayhem in the form of cyber attacks, viruses, human error, and escalating traffic from bandwidth-heavy or easily compromised applications such as BitTorrent, Gmail, YouTube, Twitter, iPhone, Skype, and hundreds of others.
BreakingPoint creates network mayhem by simulating true global network conditions with a current mix of blended application traffic and live security attacks at live network speeds, as well as traffic from millions of users, to assure resilient networks, Web applications and cloud services. Powered by high-speed network processors and specialized hardware, the BreakingPoint Storm emits high-speed stress vectors composed of a global, custom, and current mix of application and attack traffic. This precision product then images the effects of the stress vectors on a discrete device or a device within a network.
  • Enterprise firewalls understand the application logic, and have a detailed knowledge of the acceptable rules of engagement between the external client and the internal application server. They are thus capable of inspecting the content of each request and response and applying a complex set of rules in order to ensure that the client is not doing anything malicious. The more closely a firewall examines network data, the greater the latency. That’s why it is vital that you validate performance and functionality together, both under load and under attack.
Testing enterprise firewalls that incorporate DPI capability requires an authentic blend of application traffic from applications such as databases, peer-to-peer traffic, etc., combined with live security strikes, at multi-gigabit speeds. The test environment should emulate a live network environment as closely as possible. BreakingPoint enables the thorough testing of all the components of a Firewall device in a controlled and repeatable manner with realistic application traffic and maximum load conditions. BreakingPoint enables you to simulate different application protocols including a full range of databases, proprietary applications, as well as standard protocols such as HTTP. You can define a variety of settings to validate the WAF under different configurations.
The BreakingPoint NP-driven architecture makes it easy to simulate a large number of different clients and servers to validate performance under load by simulating thousands or millions of users with over 15 million concurrent TCP sessions. BreakingPoint Storm simulates realistic network conditions to help you validate performance, attack detection and blocking, as well as stability and reliability under extended attack.
  • How to Test High-Performance Next-Generation Firewalls

    1. How To Evaluate High-Performance Firewalls
    2. About Crossbeam
       Crossbeam helps the Global 2000, Service Providers and Government agencies consolidate their security infrastructure.
       Crossbeam’s open platform - the X-Series - scales linearly and offers best-of-breed security
       Deployed in 10 out of top 11 Service Providers in the world
       Deployed in 1000+ Global Enterprise Companies
       Global operations – 11 Years Strong.
         • Headquarters: Outside Boston, MA
         • Support & services in over 50 countries
         • 60+ Global Integrators
         • 50+% International Business
         • 13 out of 14 Quarters positive EBITDA
    3. The Crossbeam Virtual Infrastructure
       [Diagram labels: Internet, L2, IPS, FW, LB]
       Crossbeam creates a “Network in a Box”
         • Network Processor Modules
         • Application Processor Modules
         • Control Processing Modules
       The X-Series Platform becomes a “Virtual Infrastructure” integrating both Network Processing & Application Processing
    4. The Crossbeam X-Series Portfolio
       The Most Scalable Open Secure Platforms
       X20
         • 4-Slot Flexible Chassis
         • Pre-Configured for one application
         • Expandable to 2 applications
         • 5Gbps Backplane Performance
       X30
         • 4-Slot Flexible Chassis
         • Pre-Configured for one application
         • Expandable to 2 applications
         • 10Gbps Backplane Performance
       X60
         • 7-Slot Modular Chassis
         • Expandable to 5 applications
         • 80Gbps Backplane Performance
         • Single Box HA
       X80-S
         • 14-Slot Modular Chassis
         • Expandable to 10 applications
         • 150Gbps Backplane Performance
         • Single Box HA
    5. IT Firestorm Threatens Business Performance
    6. Does High-Performance = Resilient?
    7. 4 Keys to Evaluating High-Performance Gear: #1
       Real-World Blended Application Traffic
    8. 4 Keys to Evaluating High-Performance Gear: #2
       Enable Rules and Commence Attack
    9. 4 Keys to Evaluating High-Performance Gear: #3
       Set-Up, and Tear-Down, Connections
    10. 4 Keys to Evaluating High-Performance Gear: #4
       Sustaining Connections, During Load
    11. How? Attack Thyself!
       Real Attacks
         • 4,500 live security attacks
         • 100+ evasions
         • Malware & Spam
         • DDoS and Botnet simulation
         • Custom attacks
         • Research and frequent updates
       Real World Applications
         • 150+ application protocols
         • Social media, peer-to-peer, voice, video
         • Web and enterprise applications, gaming
         • Custom applications
         • Frequent updates
       Unprecedented Performance with McAfee Firewall Enterprise
         • 40 Gbps blended application traffic
         • 10M concurrent TCP sessions
         • 160,000 connections/second
         • 38 Gbps SSL bulk encryption
    12. Validating High-Performance Gear
       [Diagram: Client Simulation and High-Performance Network Gear]
       150+ Blended Application Traffic (ex: HTTP, MySQL, Oracle) + 4500+ Live Security Strikes + Millions of Sessions
       REMEMBER TO EVALUATE:
         • Performance with blended applications
         • Performance with security rules enabled
         • Ability to set-up AND tear-down connections
         • Ability to sustain connections, during load
    13. Questions and Answers