Kyle Flaherty

Late last week we posted a video interview with BreakingPoint CTO Dennis Cox concerning the WikiLeaks hactivists and their DDoS attacks against major corporate sites. In that video Dennis discussed how the U.S. military is preparing for these types of attacks by using cyber ranges. Much like a firing range on a military base, cyber ranges allow defenders to recreate battlefield conditions in order to train warriors, harden defenses, and conduct research into the capabilities of critical systems under realistic scenarios.

Customers come first for us, which is why we spend so much time on this blog talking about product innovations, industry developments, and new technical discoveries that affect our customers and the way they do business. It's also why the day-in, day-out efforts of our team are focused on continuously delivering the best product upgrades possible. Today, though, I want to quickly update our readers on how BreakingPoint performed from a business perspective in 2010.

Cloud security was the announced theme of the 2011 RSA Conference, and it was clear from both the slate of presentations and the chatter on the exhibition floor that issues around cloud security continue to be a major and growing area of concern for enterprises of all types, whether they are selling or buying cloud technologies. IT professionals within these companies understand that load and security validation only become more important for hardening infrastructure resiliency as they move more critical business processes into cloud and virtualized environments.

In the most recent Global Information Security Survey from Ernst & Young, 59% of enterprise IT leaders cited the lack of availability of skilled security personnel as a key challenge for their businesses. This same sentiment is felt within government and military organizations. These groups, although they have deployed the latest security devices, are aggressively recruiting smart engineers to fill the enormous lack of trained professionals. The lesson is clear: You can have the best technology in the world at your fingertips, but without making sure that your personnel have the proper skills, that technology will often go underused or unused.

The room was full that day in February 2009, everyone eager to witness what, at the time, would be the fastest public firewall test using stateful application traffic. Minutes later the BreakingPoint Storm CTM had put the Juniper SRX5800 through the paces, achieving 109 Gigabits per second (Gbps) of true application traffic. On that day the SRX5800 became the first network device tested with more than 100 Gbps of blended Layer 4-7 application traffic. During the past several years we've seen even more public firewall tests using real-world conditions, from a live test of the Cisco ASA 5500 during RSA Conference 2011 (the first with the BreakingPoint FireStorm CTM) using applications ranging from eBay to Facebook, to today's announcement concerning the Fortinet FortiGate 5140B.

Today is not just any other Wednesday. Oh no, today is World IPv6 Day! Yes, an entire day devoted to testing and launching IPv6-capable services and web sites. The reason that there needs to be a day where we talk about IPv6 is because there are still a lot of people and organizations that are delaying this change, many nervous about the possible ramifications on network performance and security.

Today I wanted to take a look at the latest version of BreakingPoint Elite, which is available immediately to BreakingPoint users, and includes more than 30 new features. I thought I would post a few of the features that we featured in the news release and embed a product screencast from CTO Dennis Cox demonstrating some of the features.

Ten years ago, 60 Minutes reported on the new threat of "cyber war." At the time, the story introduced the American public to a developing danger that would come to realization in the future. According to Sunday's program, that day has arrived. The television show dived back into the topic of cyber warfare and it was evident that not only has the threat arrived, but the United States is not prepared to face the attacks.

Our industry is constantly releasing survey data on different trends. Just today as I was sorting through my news feeds I came across three interesting studies just out.

You may have already heard about the recent announcement with NSS Labs and their selection of BreakingPoint as the standard for testing next-generation content-aware network equipment. I shot some video on my FlipCam (next time remind me to get a bit closer) at a recent company meeting where Des Wilson, our CEO, talked about the news and why it was important.

We've been busy with a lot of exciting developments in BreakingPoint Labs, one of which you will hear about on Tuesday. I thought that I would whet your appetite a bit though and post up this intro video starring our own Dennis Cox and Rik Maerz.  In this video, one of eight we will be posting along with materials, Dennis and Rik introduce the upcoming Intrusion Prevention System (IPS) test methodology being put together by BreakingPoint for testing a range of IPS devices.

It is important and interesting to watch other testing methods, particularly from a highly respected group like NSS. This got me thinking about the one video in our series that I mentioned in my earlier post; "Testing Victims". This video really brings home a critical issue around testing content-aware devices when Rik and Dennis discuss how the devices most likely won't come within 50% of their public performance claims.  And the guys note that it's not their fault. It's the legacy testing equipment they used that couldn't truly test the devices with stateful application traffic at the right speeds.
 

This morning BreakingPoint unveiled v1.2 of our testing software, there are a bunch of customer-driven enhancements including support for 50+ application protocols, support for IPv6 and SSL, enhanced multi-box management and real-time reporting.  Check out the full release for all the details.  The part I've latched onto lately, particularly when you discuss acceleration, is the architecture.

A week or so ago I posted our introduction video for a test methodology series that BreakingPoint is putting out to the community.  Today we made the first methodology public, this one for Intrusion Prevention Systems (IPS).  Dennis and Rik do a fantastic job in the videos, broken into eight “chapters”.  They describe the methodology, testing techniques and results.  My personal fave...when they talk about the testing "victims".

Application traffic continues to grow at an astonishing pace, which certainly means many things to many people, but for Network Equipment Manufacturers (NEMs) and service providers it means that network devices must perform with all of this traffic AND do it at high-speeds of 10 gigabit per second and faster. Today we announced a toolkit to allow for native generation of stateful proprietary application traffic (news release).

Dennis just put together a new screencast which gives you a quick tour of load profiles for Layer 4-7 traffic. He also goes into how to create steps and loops in Layer 2/3 test components. For current BreakingPoint users, the load profiles shown in the screencast will be found in the 1.2.1 release.

Earlier this week Cisco put out its study on global exchanges showing that there are at least 50 different cababilities an exchange needs to achieve peak performance. The study focuses on the top ten, which can be seen in the cross-hairs of the attached graphic. Coming in at number 5 was latency.

We have talked here about the overall importance of testing…particularly the need to test with REAL application traffic, live security strikes and doing it all at speeds of 10Gps and faster. These days that first criterion, testing with real apps, is getting more and more important. A great example comes from many of the applications popping up, seemingly every day, in the ‘social networking’ and Web 2.0 space.

The other day I asked Dennis about botnet simulation and he started to demonstrate it, so we figured we would film a screencast. We ended up reviewing how to simulate a botnet attack using our testing tools. The screencast shows you how to combine application traffic and strike attacks to realistically simulate a botnet attack including the use of strikes such as denial of service and backdoor attacks using IRC.

As we discussed last week BreakingPoint has created a detailed test methodology and video series that helps network engineers to test the DPI features of content-aware network devices. Just like we did with the IPS test methodology, you can view the videos and download the full methodology for your own use. DPI is certainly in the news a lot, and much of the coverage focuses on privacy concerns and P2P bandwidth shaping.