
Product review: BreakingPoint Systems' BPS-1000


This article can also be found in the Premium Editorial Download "Information Security magazine: Does security make the grade in Windows Server 2008?"


Security Testing Capabilities: B
The BPS-1000's security testing capabilities are outstanding, but this is also the area where expanded functionality would be most useful. The tool includes hundreds of different "strike" packages, each capable of launching a different exploit. Testers can also apply several dozen obfuscation and encoding techniques to the strikes to dodge packet-inspection technologies such as firewalls and network-based IPS tools, making this the most comprehensive exploit and evasion testing technology on the market today.

However, while you can run through a series of tests to see how a mix of traffic affects the target network device, you can't iterate step by step by changing specific fields, nor can you set breakpoints during a given test. This forces you into tedious manual hunting to discover which elements caused a crash or error condition.


Setup and Configuration: B+
Configuring tests is straightforward. Each type of test traffic you choose is represented as an icon on a graphical display of a data center rack. You can tweak a test by simply clicking on the appropriate icon and altering its settings. The BPS-1000 also includes a variety of Quick Tests to evaluate Ethernet traffic handling, IP routing, TCP session support and exploit blocking. It also supports Tcl-based code for custom tests (Ruby, Python and Perl scripts will be supported in future releases).

The GUI is intuitive and flexible, but suffers from issues typical of a first release; some dialog boxes lack a cancel button, and some of the drag-and-drop features for grouping strikes require very careful dropping in a small subsection of the GUI.


Reporting: A
Numerous reporting options are available, including PDF, HTML and XLS formats. The system auto-generates well-organized reports that include a synopsis, success criteria (as defined by BreakingPoint), pie charts of traffic types, and graphs of transmitted and received packets sorted by application type.


Verdict
The BPS-1000 offers comprehensive, fast and flexible testing, the best we've seen for generating exploits and evasion tactics.



Testing methodology: We configured the BPS-1000 to send data through a switch, a routing system and a network-based IPS device, using a mix of test traffic that included legitimate TCP sessions, exploit traffic and malformed packets.

This was first published in February 2008
