RUGE. Rugged IP load generator (Ruge) Ruge gives your network a serious beating. Just to make sure it does not fail when it is time to go live.

Similar documents
Corrigendum 3. Tender Number: 10/ dated

Data Sheet. DPtech Anti-DDoS Series. Overview. Series

Network Security. Thierry Sans

Internet Layers. Physical Layer. Application. Application. Transport. Transport. Network. Network. Network. Network. Link. Link. Link.

SIP Flex Test Suite. Highlights. IMS and VoIP Network Element and Service Testing

DDoS Testing with XM-2G. Step by Step Guide

Layer 4: UDP, TCP, and others. based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers

Gigabit Ethernet XMV LAN Services Modules

CT506 LANforge-FIRE VoIP Call Generator

Request for Proposal (RFP) for Supply and Implementation of Firewall for Internet Access (RFP Ref )

Gigabit Ethernet XMVR LAN Services Modules

NIP6000 Next-Generation Intrusion Prevention System

Gigabit Ethernet XMVR LAN Services Modules

CN-100 Network Analyzer Product Overview

IxLoad-Attack TM : Network Security Testing

GIGABIT ETHERNET XMVR LAN SERVICES MODULES

Spirent Network Emulator

Spirent Network Emulator

[PST, GMT -8] Network Testing and Emulation Solutions

Configuring attack detection and prevention 1

ASR 5000 Series ICMP Packet Generation from the CLI and Fragmentation Identification

Introduction to Computer Networks. CS 166: Introduction to Computer Systems Security

Attack Prevention Technology White Paper

Cubro Packetmaster EX12

Configuring attack detection and prevention 1

TXS 10/100 Mbps and Gigabit Ethernet Load Modules

Spirent Avalanche. Applications and Security Testing Solutions. Application. Features & Benefits. Data Sheet. Network Performance Testing

Table of Contents. 1 Intrusion Detection Statistics 1-1 Overview 1-1 Displaying Intrusion Detection Statistics 1-1

ASR6000 series GTTH switch

IP-to-IP Gateway Test Suite

Advanced Network Troubleshooting Using Wireshark (Hands-on)

Introduction to VoIP. Cisco Networking Academy Program Cisco Systems, Inc. All rights reserved. Cisco Public. IP Telephony

Valkyrie Layer 2-3 Test Platform. The world s best Ethernet traffic generation and analysis solutions

Ping of death Land attack Teardrop Syn flood Smurf attack. DOS Attack Methods

LM1000STXR4 Gigabit Ethernet Load Module

Cisco RV180 VPN Router

1. Arista 7124s Switch Report

MetroStar 4000 switch

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

IPv6 Cyber Security Briefing May 27, Ron Hulen VP and CTO Cyber Security Solutions Command Information, Inc.

Computer Networks Security: intro. CS Computer Systems Security

10/100/1000, 10G & 40G

NGY-NP 10GBE APPLICATION NETWORK PROCESSOR LOAD MODULES

NETGEAR-FVX Relation. Fabrizio Celli;Fabio Papacchini;Andrea Gozzi

OSI Layer OSI Name Units Implementation Description 7 Application Data PCs Network services such as file, print,

Check Point DDoS Protector Introduction

Gigabit SSL VPN Security Router

CIT 380: Securing Computer Systems. Network Security Concepts

Network Testing and Emulation Solutions [PST, GMT -8]

[PST, GMT -8] Network Testing and Emulation Solutions STA Interfaces

Simulator 3. Introduction

Configuring Flood Protection

1 Gbps and 10 Gbps WAN Emulator IPNetSim

Cisco ASA 5500 Series IPS Solution

CSC 4900 Computer Networks: Security Protocols (2)

Fundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin,

QA-604 QualityAssurer NEXT-GENERATION NETWORK TEST PLATFORM

Modular Policy Framework. Class Maps SECTION 4. Advanced Configuration

Chapter 8 roadmap. Network Security

20-CS Cyber Defense Overview Fall, Network Basics

Sonus Networks engaged Miercom to evaluate the call handling

CT LANforge WiFIRE Chromebook a/b/g/n WiFi Traffic Generator with 128 Virtual STA Interfaces

Configuring IP Services

ELEC5616 COMPUTER & NETWORK SECURITY

ASIT-33018PFM. 18-Port Full Gigabit Managed PoE Switch (ASIT-33018PFM) 18-Port Full Gigabit Managed PoE Switch.

Adopting Innovative Detection Technique To Detect ICMPv6 Based Vulnerability Attacks

CSCE 715: Network Systems Security

What is New in Cisco ACE 4710 Application Control Engine Software Release 3.1

Network Layer (1) Networked Systems 3 Lecture 8

10 Gigabit Ethernet XM LAN Services Modules

CT ac-1n Expandable LANforge WiFIRE a/b/g/n/ac 2 radio WiFi Traffic Generator

Understanding Zone and DoS Protection Event Logs and Global Counters

HP Load Balancing Module

TP-LINK Gigabit L2 Managed Switch

XMVAE GIGABIT ETHERNET MODULES

IPSec. Slides by Vitaly Shmatikov UT Austin. slide 1

10 Port L2 Managed Gigabit Ethernet Switch with 2 Open SFP Slots - Rack Mountable

9. Security. Safeguard Engine. Safeguard Engine Settings

On Distributed Communications, Rand Report RM-3420-PR, Paul Baran, August 1964

Fregata. DDoS Mitigation Solution. Technical Specifications & Datasheet 1G-5G

CSc 466/566. Computer Security. 18 : Network Security Introduction

[PST, GMT -8] Network Testing and Emulation Solutions

CT LANforge-ICE 16-port WAN Emulator

CT ac2-1n-10g LANforge WiFIRE a/b/g/n/ac 4x4 MU-MIMO 3 radio WiFi Traffic

Distributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013

Your Name: Your student ID number:

ETSF05/ETSF10 Internet Protocols Network Layer Protocols

ENEE 457: Computer Systems Security 11/07/16. Lecture 18 Computer Networking Basics

Gigabit Content Security Router CS-5800

Int ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28

SecBlade Firewall Cards Attack Protection Configuration Example

CSE 565 Computer Security Fall 2018

ICS 451: Today's plan

Cubro Network Security Series

CSE 565 Computer Security Fall 2018

Certified Penetration Testing Consultant

ECE 435 Network Engineering Lecture 23

Network Security - ISA 656 IPsec IPsec Key Management (IKE)

Packet Header Formats

Lecture Computer Networks

Transcription:

PRODUCT DATA SHEET Rugged IP load generator (Ruge) RUGE Ruge gives your network a serious beating. Just to make sure it does not fail when it is time to go live.

Introduction Rugged IP load generator (Ruge) is a versatile test tool to run different stress tests and to ensure that your product or service meets the targeted limits before it goes live and it s too late. Use Ruge for load testing, network optimisation and DDoS attack simulation by combining high data volumes with anomalous behaviour. Ruge is based on an innovative software architecture and a powerful network processor hardware platform. Ruge utilizes pre-recorded data streams, control messages and timestamps to reproduce realistic sessions. Furthermore, it is possible to build state machines to simulate interactive, stateful protocol behaviour against the system under test. For session multiplication, lower layer protocols (e.g. Ethernet, IP and UDP) can be redefined and populated with variables. It is also possible to add, for example, tunneling protocols for pre-recorded streams. This also means that no protocol stacks are dependent on any third-party implementation, but are fully controlled by Ruge. This offers a unique possibility to emulate non-standard behaviour even within lower layers such as Ethernet and internet protocol (IP). Ruge supports any content type in stream generation since all data content is based on pre-recorded reference sessions. Anything that can be recorded, can be played back and multiplied. These reference sessions can be multiplied to represent a high number of different sources or users. Example: When a new voice codec is supported by the equipment under test, it can be instantly supported by Ruge. Testing is based on a pre-recorded reference session and no voice codec implementation is needed in Ruge. Great performance and high accuracy Ruge uses powerful network processing units (NPUs) and is optimised to handle IP packet traffic. Ruge hardware engine has up to 32 GB of memory. Ruge is able to generate stateless load up to full line rate almost instantly. Millions of concurrent stateful sessions (e.g. SIP calls) up to full line rate (1/10 Gbps) can be started within a couple of seconds. Ruge supports high load stress testing with extremely accurate time stamping where the theoretical line rate can be reached with any data type and their combinations. Ruge offers repeatability accuracy up to microsecond level and exact repeatability in data content. Unique flexibility Ruge engine SW controls network processors directly there is no third-party operating system. Thus, product performance is not affected by a third-party operating system overhead. Suitability for various use cases Ruge is suitable for various use cases including Load testing of IP based network equipment or network services Simulation of cyber-attacks (DDoS) Security testing of gateways, firewalls and other network elements Negative testing with data generation beyond spec boundaries Simultaneous generation of various data types Multiplication of reference traces or self-created hex patterns This product fact sheet is aligned with Ruge version 2.2.

Product configuration Ruge hardware Ruge engine SW runs on network processing units (NPU) which are optimised for IP packet processing. Coprocessors perform all time critical actions, such as CRC calculation and ciphering. The Ruge high-end platform supports 1 Gigabit Ethernet based interfaces with a RJ-45 copper connector. software controlling the engine. The host application runs on Windows 7 and Linux. In addition to Ruge Graphical User Interface, Command Line Interface (CLI) is provided for testing automation. Ruge scripts A script is a testing sequence which is built with Ruge GUI and saved to XML files. Testing consists of executing the scripts. Ruge software Ruge software consists of two parts: the engine SW running on the hardware platform and the client

Product features Figure 1. Main window of Ruge Graphical User Interface. Support for Rich Communication Service (RCS) load testing Ruge supports load testing of RCS with the help of the following product features: stateful TCP, Transport Layer Security (TLS) and Message Session Relay Protocol (MSRP). Ruge is capable of generating millions of concurrent RCS sessions by using pre-recorded data. Highly customizable traffic profiles are available, with combinations of various RCS related services. The RCS load testing application supports testing of the following RCS features: Registration SIP options polling 1-to-1 chat sessions Group chat sessions (1-to-many chat) Image share Video share File transfer of any type and size of file VoIP calls For more details, refer to the RCS load testing Application Note. Ruge scripts for general use SIP call generation Ruge scripts for Distributed Denial of Service (DDoS) Ruge scripts cover the majority of the most common Distributed Denial of Service attacks including: IP Spoofing IP Malformed Packet Fragments Reassembly w/different offsets ("Tear Drop ) Fragments Reassembly off by one IP header ("Nestea Attack") ICMP Oversized packet (> 65536) ( Ping of Death/SSPing Attack") ICMP Incomplete Fragment ("Jolt Attack") ICMP Flood ICMP spoofed unreachable flood ("Smack/Bloop/Puke Attack") TCP SYN Fragments - Reassembly with overlap ("Syndrop Attack") TCP Scan Attack TCP Port SYN Attack w/ip Spoofing ("Land Attack") SYN Attack ("SYN Flood") UDP Short Header

UDP Flood UDP spoofed broadcast echo ("Fraggle Attack") UDP attack on diag ports ("Pepsi Attack") RTP rogue packets (after-call) RTP flooding during call RTP flooding attack RTP spoofing ARP ARP Flood ("Poink Attack") RX/TX packet and byte counts RX/TX packet and bit rates Possible send failures caused by exceeding line capacity User given message counters for any generated message, 0-64 counters per message Receive message counters for stateful protocols (SIP and TCP). Statistics Ruge displays various statistics of the test sessions in the graphical user interface. The statistics include: Figure 2. Ruge statistics tab. Ruge combined with Rugged deviation emulator (Rude) Ruge can be combined with Rugged deviation emulator (Rude), which enables integrating realistic IP network characteristics as a part of the test environment. Rude offers a possibility to modify heavy load packet streams by, for example, adding delay, jitter, packet reordering, packet corruptions and packet duplications, simulating the actual behaviour of real networks. With the combination of Ruge and Rude, real world scenarios can be simulated and tested even more reliably.

Protocol stack support Stateless protocols The supported protocols are presented in the following figures. Dynamically changeable fields, such as message length and CRC, are calculated automatically and dynamically for each protocol. However, as explained earlier, any data content can be generated on the basis of a pre-recorded reference stream. It is also possible to include any protocol as user data or payload. The supported stateless protocols are: Ethernet, VLAN IPv4, IPv6 UDP, TCP, SCTP, GTPv1_U, GRE, ICMP, ICMPv6 RTP Figure 3. Protocols supported in control messages. Figure 4. Protocols supported in control messages. Figure 5. Protocols supported in streams. Stateful protocols Stateful operation is supported for the following protocols: SIP over UDP TCP Figure 6. Supported stateful protocols.

Supported encryption mechanisms TLS AES CBC 128 bit Supported as stateful with both encryption and decryption. Negotiation of keys supported. IPsec AES CTR 128/192/256 bit AES CBC 128/192/256 bit Supported as stateless, i.e. encryption is done NAS AES CTR 128 bit Supported as stateless, i.e. encryption is done SNOW3G 128 bit Technical specifications Processor & memory Port capacity Processor Cavium Octeon II NPU Port capacity 1 GbE 1 8 Number of Cores 32 Port capacity 10 GbE 1... 2 Internal Memory 32 GB Physical interfaces Interface Capacity Connector type Usage 10 GbE ports 10 Gb SFP+ Connection to System Under Test 1 GbE ports 1 Gb RJ45 Connection to System Under Test Control port 1 Gb RJ45 Connection to host PC with GUI or CLI Console port RJ45 Additional control of the Ruge engine

Physical measures Environment Mounting 1U rack mountable Temperature range 0 ~ 40 C / 32 ~ 104 F (operating) -20 ~ 70 C / -4 ~ 158 F (storage) Dimensions (W x H x D) 430 x 44 x 349 mm Humidity 20% to 90% RH (operating) Weight 7.2 kg (unpacked) 11 kg (packed) 5% to 95% RH (storage) Compliance EMC/Safety CE/FCC/UL/CB/CCC Supported operating systems Ruge host software is supported in the Windows 7 64-bit and Linux operating systems. Prerequisites WinPCAP and Wireshark are required to operate the product. A terminal program is required to change the engine IP address. Third-party applications such as PuTTY are recommended.

World wide sales I sales@ruggedtooling.com Copyright 2010-2015 Rugged Tooling Oy. All rights reserved. Version 1.6 15 January 2015 CYBER WHY RUGGED TOOLING? We want you to catch bugs before live network deployment. Our deep SW expertise and the technological flexibility of our products can deliver unique features for your testing needs. Combine Rude with Ruge for best test results. ATTACKS ON DEMAND

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback