Specification

Protocols

Applications

300+ application protocols, including Yahoo!® Mail and Messenger, Google® Gmail, Skype®, BitTorrent™, eDonkey, RADIUS, SIP, RTSP, RTP, HTTP, SSL, Facebook®, Twitter Mobile, YouTube®, and Apple® FaceTime®, as well as other mobile, social, and gaming protocols—with Multicast support

Wireless Interfaces

  • S1-U (eNodeB and SGW sides)
  • S1-MME (eNodeB side)
  • SGi (PDN side)
  • S5/8 (SGW and PGW sides)
  • S11 (MME and SGW sides)
  • Gn (SSGN and GGSN sides)
  • Wireless Protocols Supported:
    • S1AP
    • GTP-C v1, GTP-C v2, GTP-U v1
    • SCTP (over UDP or IP)

Wireless Operational Modes

  • User Equipment
  • 3G GGSN
  • 3G SGSN
  • eNodeB/MME (GTPv2)
  • eNodeB/MME/SGW (GTPv2)
  • eNodeB (S1AP/ GTPv1)
  • SGW/PGW
  • MME/SGW/PGW
  • PGW

Network Access

  • IPv4/IPv6 Static Hosts
  • IPv4/IPv6 External Hosts
  • IPv4/IPv6 DHCP Hosts
  • IPv4/IPv6 DHCP Server
  • IPv6 SLAAC + Stateless DHCPv6
  • DHCP-PD
  • VLAN
  • IPv4/IPv6 Router
  • 6rd CE Routers
  • DS-Lite B4 and AFTR
  • IPv4/IPv6 DNS
  • IPsec IKEv1/IKEv2
  • NAT Support

Test Methodologies/Labs

  • RFC 2544 Lab
  • DDoS Lab
  • Multicast Lab
  • Lawful Intercept Lab
  • Session Sender Lab
  • LTE Lab
  • Device Validation Lab
  • MultiBox testing
  • Resiliency Score (Not supported on PerfectStorm 100GE)
  • Data Center Resiliency
  • LTE Lab

Security Exploits and Malware

  • 37,000+ total attacks
  • 6,000+ exploits
  • 30,000+ malware
  • 100+ evasion classes

Attacks include:

  • IP-based DoS attack types:
    • ICMP flood test case
    • ICMP fragmentation test case
    • Ping flood test case
  • UDP-based DoS attack types:
    • UDP flood test case
    • UDP fragmentation test case
    • Non-spoofed UDP flood test case
  • TCP-based DoS attack types:
    • Syn flood test case
    • Syn-ack flood test case
    • Data ack and push flood test case
    • Fragmented ack test case
    • Session attack test case
  • Application-layer attack types:
    • DNS flood attack case
    • Excessive verb attack case
    • Recursive GET Floods
    • Slow POSTs
  • Botnets:
    • Zeus
    • SpyEye
    • BlackEnergy
    • Duqu
    • Pushdo Cutwail

Validate the security posture of your networks with real applications and a complete range of threat vectors.

Problem: Real-time challenges for real-world testing

These days, organizations rely on a wide variety of security solutions to protect their networks from cyber-attacks and traffic anomalies. But the more tools deployed, the more complex a security infrastructure becomes. The result: a hodgepodge of security solutions that are tough to verify and challenging to scale. Worse yet, these complex system interactions pose a serious risk to security performance and network resiliency.

Ixia BreakingPoint - Network Security Testing

Solution: An easy-to-use testing ecosystem for modern network needs

awardToday’s businesses require an application and security test solution that can verify the stability, accuracy, and quality of networks and network devices.

Enter BreakingPoint. By simulating real-world legitimate traffic, distributed denial of service (DDoS), exploits, malware, and fuzzing, BreakingPoint validates an organization’s security infrastructure, reduces the risk of network degradation by almost 80%, and increases attack readiness by nearly 70%. And with our new TrafficREWIND solution, you'll get even more realistic and high-fidelity validation by adding production network insight into BreakingPoint test traffic configurations.

How might a particular configuration or security setup withstand a cyber-attack? BreakingPoint addresses that by simulating both good and bad traffic to validate and optimize networks under the most realistic conditions. Security infrastructures can also be verified at high-scale, ensuring ease of use, greater agility, and speedy network testing.

BREAKINGPOINT APPLICATION PROTOCOLS

Key Features

  • Simulates more than 300 real-world application protocols
  • Allows for customization and manipulation of any protocol, including raw data
  • Generates a mix of protocols at high speed with realistic protocol weight
  • Supports more than 37,000 attacks and malwares
  • Delivers all Real-World Traffic™ simultaneously from a single port, including legitimate traffic, DDoS, and malware
  • Bi-monthly Application and Threat Intelligence (ATI) subscription updates ensure you’re are current with the latest applications and threats
  • Combined with the CloudStorm™ platform, BreakingPoint reaches a staggering performance with a fully-populated chassis—2.4 Tbps / 1.44 billion sessions and 42 million connections per second—to emulate enterprise-wide networks to continent-scale mobile carrier networks 

BreakingPoint Solves Your Real-World Test Challenges

  • Next-Gen Firewalls
  • DDoS Protection
  • Data Center Microsegmentation
  • Machine Learning & Analytics
  • SCADA Network Security
  • NGFW

    No organization escapes the reach of hackers — if you’re connected to the Internet, they have a way to enter. The response is deployment of next-generation firewalls (NGFW), intrusion detection systems (IDS), and whatever future device promises better protection. To ensure minimal impact to network performance and verify the accuracy of complex network security infrastructures, businesses need a robust test solution.

    BreakingPoint validates an organization’s security infrastructure, reduces the risk of network degradation by almost 80%, and increases attack readiness by nearly 70%. It’s Real World Traffic™ testing simulates legitimate traffic, distributed denial of service (DDoS), exploits, malware, and fuzzing. Read more.

  • DDoS

    Today, distributed denial of service (DDoS) attacks are a big risk to any business with an online presence. Organizations need to know if their networks can fend-off the flood of traffic coming from hundreds of thousands of compromised systems while still accepting normal business traffic. Since every update in the network may impact the efficacy of your DDoS mitigation solution, validation must be a continual process.

    BreakingPoint simulates both normal application traffic and security threats at scale so you can validate critical data points like number of packets dropped by your DDoS mitigation solution, how your solution functions in a real attack, what level of service you can provide while under attack, and how your people and process react to and withstand an attack. Read more.

  • Microsegmentation

    Data center operators are using a collection of virtual machines or containers to segment the network by meaningful workloads. With workloads classified by the specific functions they serve (like web, application, database, services workloads), organizations can specify security measures relevant to each workload type. But testing the security and performance of these specialized workloads is challenging.

    With BreakingPoint VE, you can simulate the characteristics of various workloads and lateral movement of threat vectors, delivering a seamless test function to assess and manage your microsegmentation deployment. Read more.

  • Machine Learning

    Machine learning and big data analytics are the new hope for security teams to defeat cyber criminals. It is critical that these systems have access to meaningful domain-specific data, events, and logs to establish the baseline behavior of a domain, and eventually help in understanding the tool’s ability to detect anomalies that diverge from the baseline behavior.

    With real-world traffic® generation, BreakingPoint will help increase the effectiveness of your solution and reduce errors and false positives. It also helps tool vendors create realistic and relevant proof-of-concept (PoC) demonstrations and differentiation for their solutions. Read more.

  • SCADA

    With SCADA operating over IP networks, the line between IT and OT has blurred...however, many OT teams are not prepared to handle threats in ICS networks. Organizations are taking notice of the threats to SCADA networks and the possible impacts of breaches. It is also clear that, despite being much farther from the standard network security demarcation zones, SCADA networks continue to be exceptionally vulnerable to cyber-attacks.

    Validation in the lab with BreakingPoint’s real-world application traffic and security attacks can ensure SCADA networks are resilient and secure. Increasing the attack readiness of both your ICS networks and people will go a long way in increasing the resiliency of the SCADA/ICS systems of today and in the future. Read more.