IxLoad-Attack TM : Network Security Testing

Similar documents
IxLoad Data Streaming (RTSP, RTP)

DATA SHEET. Key Benefits. Unified applications and security test platform, with support for BreakingPoint and IxLoad software

PerfectStorm 40GE, High-Performance Application and Security Load Modules

PerfectStorm 100GbE, High- Performance Application and Security Load Modules

PerfectStorm ONE 1GE/10GE Appliance

CloudStorm TM 100GE Application and Security Test Load Module

PERFECTSTORM ONE 10GE/40GE APPLIANCE

IxLoad. Determine Performance of Content-Aware Devices and Networks

IxLoad Common Internet File System (CIFS)

Spirent Avalanche. Applications and Security Testing Solutions. Application. Features & Benefits. Data Sheet. Network Performance Testing

IXLOAD OVERVIEW CONVERGED MULTIPLAY SERVICE VALIDATION

NIP6000 Next-Generation Intrusion Prevention System

Corrigendum 3. Tender Number: 10/ dated

Check Point DDoS Protector Introduction

NGY-NP 10GBE APPLICATION NETWORK PROCESSOR LOAD MODULES

Distributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013

DDoS Testing with XM-2G. Step by Step Guide

10 Gigabit Ethernet XM LAN Services Modules

Network Security. Thierry Sans

PROTECTING INFORMATION ASSETS NETWORK SECURITY

FUSION-ENABLED XCELLON-ULTRA NG

Gigabit Ethernet XMV LAN Services Modules

Venusense UTM Introduction

network security s642 computer security adam everspaugh

10 Key Things Your VoIP Firewall Should Do. When voice joins applications and data on your network

AccessEnforcer Version 4.0 Features List

Network. Arcstar Universal One

Network Security. Kitisak Jirawannakool Electronics Government Agency (public organisation)

Future-ready security for small and mid-size enterprises

TXS 10/100 Mbps and Gigabit Ethernet Load Modules

Distributed Systems. 29. Firewalls. Paul Krzyzanowski. Rutgers University. Fall 2015

Configuring attack detection and prevention 1

Fundamentals of Network Security v1.1 Scope and Sequence

Validate Pre-Deployment and Live Networks and Applications

This course prepares candidates for the CompTIA Network+ examination (2018 Objectives) N

Configuring attack detection and prevention 1

이충구부장 - Apps & Security 총괄 / IXIA Korea 지능형지속공격을위한진화된테스트방법. -Next Generation Security Validation

Advanced Network Troubleshooting Using Wireshark (Hands-on)

Evaluation criteria for Next-Generation Firewalls

CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline

Enabling a Converged World. Application Performance Testing

Training UNIFIED SECURITY. Signature based packet analysis

HP High-End Firewalls

RUGE. Rugged IP load generator (Ruge) Ruge gives your network a serious beating. Just to make sure it does not fail when it is time to go live.

CompTIA Network+ Study Guide Table of Contents

Business Strategy Theatre

Configuring Flood Protection

Insight Guide into Securing your Connectivity

Layer 4: UDP, TCP, and others. based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers

Gigabit Ethernet XMVR LAN Services Modules

Gigabit Ethernet XMVR LAN Services Modules

Eudemon 1000E. Eudemon 1000E Series Product Quick Reference. Huawei Technologies Co., Ltd.

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

Cisco Systems Korea

VG422R. User s Manual. Rev , 5

IxLoad EPC Wi-Fi Offload Testing

Detecting Specific Threats

Assignment - 1 Chap. 1 Wired LAN s

Exam Questions JN0-633

Cisco CCIE Security Written.

Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security. Chapter 8

Gigabit SSL VPN Security Router

What is New in Cisco ACE 4710 Application Control Engine Software Release 3.1

ECE 435 Network Engineering Lecture 23

EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led

Introduction to Cisco ASA Firewall Services

TCP/IP Networking. Training Details. About Training. About Training. What You'll Learn. Training Time : 9 Hours. Capacity : 12

Hands-On Ethical Hacking and Network Defense

Chapter 11: Networks

haltdos - Web Application Firewall

TeraVM at Cisco. Application Note. What is TeraVM?

ASA/PIX Security Appliance

Chapter 11: It s a Network. Introduction to Networking

CEH: CERTIFIED ETHICAL HACKER v9

Security and Lawful Intercept In VoIP Networks. Manohar Mahavadi Centillium Communications Inc. Fremont, California

Networks and Communications MS216 - Course Outline -

F5 comprehensive protection against application attacks. Jakub Sumpich Territory Manager Eastern Europe

August 14th, 2018 PRESENTED BY:

WatchGuard System Manager Fireware Configuration Guide. WatchGuard Fireware Pro v8.1

Ethical Hacking and Prevention

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

9. Security. Safeguard Engine. Safeguard Engine Settings

Data Sheet. DPtech FW1000 Series Firewall. Overview

Scanning. Course Learning Outcomes for Unit III. Reading Assignment. Unit Lesson UNIT III STUDY GUIDE

User Role Firewall Policy

Course 831 Certified Ethical Hacker v9

Security, Internet Access, and Communication Ports

Intrusion Detection System For Denial Of Service Flooding Attacks In Sip Communication Networks

KASPERSKY ANTI-MALWARE PROTECTION SYSTEM BE READY FOR WHAT S NEXT. Kaspersky Open Space Security

Fireware-Essentials. Number: Fireware Essentials Passing Score: 800 Time Limit: 120 min File Version: 7.

Threat Pragmatics. Target 6/19/ June 2018 PacNOG 22, Honiara, Solomon Islands Supported by:

Security, Internet Access, and Communication Ports

Cisco s Appliance-based Content Security: IronPort and Web Security

IxLoad LTE Evolved Packet Core Network Testing: enodeb simulation on the S1-MME and S1-U interfaces

Cisco RV180 VPN Router

Addendum to RFP SSL/IT/RFP-004/ dated 28-March-2017

snoc Snoc DDoS Protection Fast Secure Cost effective Introduction Snoc 3.0 Global Scrubbing Centers Web Application DNS Protection

Security+ Guide to Network Security Fundamentals, Fourth Edition. Network Attacks Denial of service Attacks

Legal and notice information

NISCC Technical Note 06/02: Response to Distributed Denial of Service (DDoS) Attacks

Transcription:

IxLoad-Attack TM : Network Security Testing IxLoad-Attack tests network security appliances to validate that they effectively and accurately block attacks while delivering high end-user quality of experience (QoE) for mission-critical applications. IxLoad-Attack tests the wide range of network security appliances for both wired and wireless networks, including: Next-generation firewalls Intrusion detection and prevention systems (IDS/IPS) Anti-virus, anti-spam, and URL filters VPN gateways IxLoad-Attack delivers the security testing depth and scale needed to satisfy both device validation and continuous protection of cloud infrastructures, as well as enterprise, government, and service provider networks. IxLoad-Attack is the only product that provides malicious traffic over both encrypted and non-encrypted links. It runs in parallel with all other IxLoad functions. Customized, real-world network traffic provides the "good" reference traffic that security devices must forward without affecting customer QoE. Many security devices require frequent software updates to provide up-todate protection. To keep pace with current threats IxLoad-Attack includes a bi-weekly update service. Key IxLoad-Attack features include: 20,000 unique live security attacks, the most comprehensive solution targeting known vulnerabilities Automatic updates via a subscription service Millions of attack permutations enabled by multiple evasion techniques Comprehensive coverage for published Microsoft vulnerabilities Line-rate distributed denial of service (DDoS) attacks over 1GE, 10GE, and 40GE interfaces Converged real-world application traffic mix with fully-stateful voice, data, and video emulations Mix of legitimate and malicious traffic on the same ports Evaluation of security effectiveness, detection accuracy, performance benchmarking, and service availability Continual updates backed by security research from two industry pioneers Delivery of attacks over IPsec tunnels for security and performance testing of VPNs and LTE security gateways Wireless attack delivery via generic tunneling protocol (GTP) 26601 Agoura Road Calabasas, CA 91302 USA Tel + 1-818-871-1800 www.ixiacom.com Document No.: 915-1787-01 Rev F April 2014 - Page 1

Features and Specifications Figure 1 - High-Level Vulnerabilities and DDoS Attacks Feature Category Detailed Description Published Vulnerabilities and Malware 20,000+ vulnerabilities and malware Highest coverage of Microsoft vulnerabilities Subscription service with online and offline malware and vulnerabilities updates Measures security effectiveness Emulates attacks over IPv4, IPv6, and IPsec Comprehensive attack metadata Multiple attack evasions Packet capture using IxLoad s embedded Analyzer Attacker/server-initiated attacks Target/client initiated attacks (client-based attacks) Multiplay Voice, Video, Data, and Wireless Protocol Support Internet: HTTP, P2P, FTP, SMTP, POP3, DNS, and CIFS Video: IGMP, RTSP, Adobe Flash Player, Microsoft Silverlight, Apple HLS, MPEG2, and H.264/AVC Voice: SIP, MGCP, H.323, H.248, Cisco Skinny, FAX over IP, video conferencing, and PSTN Wireless: 3GPP packet core protocols used by GGSNs Page 2

Feature Category Detailed Description DDoS General Features Both IPv4 and IPv6 Botnet and target emulation Attacks against live servers Attacks against intermediate devices Emulation of large botnets with millions of unique IP addresses Line rate attacks over 1GE, 10GE, and 40GE interfaces Mix of voice, data, video, and DDoS traffic on same port Mix multiple attack patterns on same port Attacks initiated from spoofed IPs or real IPs Attack rate and attack throughput test objectives DDoS - Patterns ARP Attacks ARP Flooding ICMP Attacks Fragmented ICMP Host Unreachable Nuke attack Ping of Death attack Ping Sweep attack TIDCMP attack UDP Attacks DNS Flooding attack Evasive UDP attack UDP Flooding attack UDP Port Scan attack UDP Fragments attack TCP Attacks TCP ACK Flooding TCP SYN Flooding TCP FIN Flooding TCP RST Flooding TCP Land attack TCP Port scanning attack TCP SYN/ACK Flooding TCP Xmas tree attack IP Attacks Malformed IP Options attack Nestea attack Short Fragment Teardrop IGMP Attacks Fragmented IGMP attack IGMPSYN Flooding Page 3

Statistics Function Statistics DDoS Published Vulnerabilities and Malware Attack counters Attack rates Attack throughput Per attack counters Per attack rates Per attack throughput Drill down per port, attack, and network Attack counters Attack rates Attack packet counters Attacks Packets Sent/Received/ Not Received Attack packet rates Packets per second Sent/Received/Not Received Attack throughput Per attack counters Attacks - distribution by year Attacks - distribution by vendor Attacks - distribution by severity Attacks - distribution by category Attacks - distribution by threat type Attacks - distribution by evasion class Drill down per port Drill down per attack Drill down per network Page 4

Ordering Information Part Number Description 925-3344 IxLoad-ATTACK-2012, Software Bundle, Layer 4-7 Performance Test Application; includes: ADVNET-DHCP 925-3601 IXLOAD, SUBSCRIPTION-VULNERABILITIES 925-3602 IXLOAD, VULNERABILITIES-MALWARE-K 925-3603 IXLOAD, VULNERABILITIES-MALWARE-T 925-3606 IXLOAD, DDoSv2-BASE 925-3607 IXLOAD, PVM-BASELINE-TRAFFIC 932-0101 Analyzer Server, Base Software, Chassis Component, Packet Capture, View and Analysis 932-0102 Analyzer, Client, Base Software, Media player tools, Node-Locked License 925-5344 IxLoad CPD-ATTACK-2012, Software Bundle, Layer 4-7 Performance Test Application for the Appliance; includes: 925-5115 IXLOAD-ADVNET-DHCP 25-5601 CPD-SUBSCRIPTION-PVM 925-5602 CPD-VULN-AND-MALWARE-K 925-5603 CPD-VULN-AND-MALWARE-T 925-5607 CPD-PVM-BASELINE-TRAFFIC 932-0101 Analyzer Server, Base Software, Chassis Component, Packet Capture, View and Analysis 932-0102 Analyzer, Client, Base Software, Media player tools, Node-Locked License Page 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback