Performing IP Security Testing for Networks and Devices: Overview
To protect against the increasing type, number, and virulence of security threats, network equipment manufacturers (NEMs) must constantly ensure that their devices provide the level of protection and performance needed by enterprises and service providers. Recent distributed denial of service (DDoS) attacks, in conjunction with other malicious exploits launched against government and service provider networks, have caused major security breaches and resulted in substantial damage. In addition, the growing prevalence of cloud services creates multiple internal/external boundaries that service providers and enterprises must protect. Only with continuous vulnerability testing can NEMs, service providers, and enterprises be certain that their security mechanisms are keeping pace with the threat environment while ensuring network performance.
IxLoad™-Attack measures the performance of network security appliances, validating that they effectively and accurately block attacks while delivering high end-user quality of experience for mission-critical applications. Security perimeter devices such as firewall intrusion detection and prevention systems (IDS/IPS); anti-virus, anti-spam and URL filters; and VPN gateways need constant update and configuration to provide up-to-date protection. IxLoad-Attack includes an update service that keeps pace with current threats. IxLoad-Attack delivers the security testing depth and scale needed to satisfy both device validation and continuous protection of cloud infrastructures as well as enterprise, government, and service provider networks.
IxLoad-Attack is the only product that provides malicious traffic over both encrypted and non-encrypted links. IxLoad-Attack runs in parallel with all other IxLoad functions. Customized, real-world network traffic provides the "good" reference traffic that security devices must forward without affecting customer quality of experience (QoE).
Authentication and encryption are used for all types of broadband and local connections. Ixia's IxNetwork™ and IxLoad test applications include facilities for authenticating sessions using EAP, PPP and NAC. IxLoad multiplay traffic may be applied through IPsec, SSL/TLS, and PPP encapsulations. IxANVL's IPsec and 802.1x conformance suites ensure proper protocol implementation.