| Security Testing Capabilities | B |
The BPS-1000's security testing capabilities are outstanding, but also where expanded functionality would be most useful. The tool includes hundreds of different "strike" packages, each capable of launching a different exploit. Further, testers can use several dozen obfuscation and encoding techniques for the strikes to dodge packet-inspection technologies like firewalls and network-based IPS tools, representing the most comprehensive exploit and evasion testing technology on the market today.
However, while you can run through a series of tests to see how a mix of traffic affects the target network device, you can't iterate step-by-step by changing specific fields or set break points during a given test. This forces you to conduct tedious manual hunting to discover which elements caused a crash or error condition.
| Setup and Configuration | B+ |
Configuring tests is straightforward. Each type of test traffic you choose is represented as an icon on a graphical display of a data center rack. You can tweak a test by simply clicking on the appropriate icon and altering its settings. The BPS-1000 also includes a variety of Quick Tests to evaluate Ethernet traffic handling, IP routing, TCP session support and exploit blocking. It also supports TCL-based code for custom tests (Ruby, Python and Perl scripts will be supported in future releases).
The GUI is intuitive and flexible, but suffers from issues typical of a first release; some dialog boxes lack a cancel button, and some of the drag-and-drop features for grouping strikes require very careful dropping in a small subsection of the GUI.
Numerous reporting options are available, including PDF, HTML and XLS formats. The system auto-generates well-organized reports that include a synopsis, success criteria (as defined by BreakingPoint), pie charts of traffic types, and graphs of transmitted and received packets sorted by application type.
The BPS-1000 offers comprehensive, fast and flexible testing, the best we've seen for generating exploits and evasion tactics.
Testing methodology: We configured the BPS-1000 to send data through a switch, a routing system and a network-based IPS device, using a mix of test traffic that included legitimate TCP sessions, exploit traffic and malformed packets.
|
