
Information Security
- FeatureData Loss Prevention Tools Offer Insight into Where Data Lives
- FeatureExamine Security Features and Tools of Microsoft Windows Server 2008
- FeatureViewpoint: FIPS concepts applicable beyond governments
- FeatureProduct review: BreakingPoint Systems' BPS-1000
- FeatureKoolSpan's TrustChip secures cell phones, other mobile apps
- FeatureProduct review: Application Security Inc.'s DbProtect
- FeatureProduct review: Titus Labs' Message Classification
- FeatureWebroot Antispyware Corporate Edition product review
- FeatureSurvey: Security Pros Identify Priorities for 2008
- FeatureSecurity Services: Postini Message Discovery, Archive editions
- MagazineMarch of the Trojans: The rising Trojan threat
- MagazineGovernance: Security is tiny portion of IT budgets
- FeatureInterview with Troon Golf's Cary Westmark
- FeatureLayer8: Applying numbers to risk management
- FeatureKey Security Initiatives Abound
- FeaturePerspectives: SSL No Security Blanket

iSTOCK/GETTY IMAGES
Product review: BreakingPoint Systems' BPS-1000
NETWORK DEVICE TESTING
NETWORK DEVICE TESTING BreakingPoint Systems
Before enterprises deploy new network equipment, they need to make sure they can handle a barrage of traffic, including exploits and attacks. BreakingPoint Systems' BPS-1000 is designed to test network equipment under gigabit loads of legitimate and exploit traffic to measure performance, traffic leakage, packet dropping and stability.
Other tools focus on testing a device at one layer, such as the ability to switch Ethernet frames (Layer 2) or evaluate how network equipment routes packets (Layer 3) and handles malformed headers (Layer 3 and up). Others simulate large numbers of TCP sessions (Layer 4) or complex application mixes (Layer 7). Still others launch exploit traffic through a network device to see how it detects and blocks attacks (again at Layer 7). The BPS-1000 also includes traffic replay capabilities to spit out packets from a capture file, modifying elements of the headers, including IP address and TCP sequence numbers. Playback can be sped up or slowed down to see how the device deals with changes in the rate of incoming traffic. However, the tool is architected to test network equipment only, not end-system targets. Based on a sender-receiver architecture, the tool is designed to send packets and determine what makes it through a network device. Unlike other security testing products, the BPS-1000 is not designed to attack end systems and determine which particular packets caused them to crash.
|
However, while you can run through a series of tests to see how a mix of traffic affects the target network device, you can't iterate step-by-step by changing specific fields or set break points during a given test. This forces you to conduct tedious manual hunting to discover which elements caused a crash or error condition.
The GUI is intuitive and flexible, but suffers from issues typical of a first release; some dialog boxes lack a cancel button, and some of the drag-and-drop features for grouping strikes require very careful dropping in a small subsection of the GUI.
Testing methodology: We configured the BPS-1000 to send data through a switch, a routing system and a network-based IPS device, using a mix of test traffic that included legitimate TCP sessions, exploit traffic and malformed packets.
|
Start the conversation
0 comments