Security Testing CapabilitiesB  
The BPS-1000's security testing capabilities are outstanding, but also where expanded functionality would be most useful. The tool includes hundreds of different "strike" packages, each capable of launching a different exploit. Further, testers can use several dozen obfuscation and encoding techniques for the strikes to dodge packet-inspection technologies like firewalls and network-based IPS tools, representing the most comprehensive exploit and evasion testing technology on the market today.

However, while you can run through a series of tests to see how a mix of traffic affects the target network device, you can't iterate step-by-step by changing specific fields or set break points during a given test. This forces you to conduct tedious manual hunting to discover which elements caused a crash or error condition.

Setup and ConfigurationB+  
Configuring tests is straightforward. Each type of test traffic you choose is represented as an icon on a graphical display of a data center rack. You can tweak a test by simply clicking on the appropriate icon and altering its settings. The BPS-1000 also includes a variety of Quick Tests to evaluate Ether...

The GUI is intuitive and flexible, but suffers from issues typical of a first release; some dialog boxes lack a cancel button, and some of the drag-and-drop features for grouping strikes require very careful dropping in a small subsection of the GUI.

ReportingA  
Numerous reporting options are available, including PDF, HTML and XLS formats. The system auto-generates well-organized reports that include a synopsis, success criteria (as defined by BreakingPoint), pie charts of traffic types, and graphs of transmitted and received packets sorted by application type.

Verdict
The BPS-1000 offers comprehensive, fast and flexible testing, the best we've seen for generating exploits and evasion tactics.

< PREV PAGE   |   1  |   2  |   NEXT PAGE  >