• No results found

IxLoad-Attack: Network Security Testing

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "IxLoad-Attack: Network Security Testing"

Copied!
5
0
0

Loading.... (view fulltext now)

Download now ( 5 Page )

Full text

(1)

IxLoad-Attack: Network Security Testing

IxLoad-Attack™ tests network security appliances – determining that they effectively and accurately block attacks while delivering high end-user quality of experience for mission-critical applications.

IxLoad-Attack tests the wide range of network security appliances: • Next generation firewalls,

• Intrusion detection and prevention systems (IDS/IPS), • Anti-virus, anti-spam and URL filters, and

• VPN gateways

Many of these devices need constant update and configuration to provide up-to-date protection. IxLoad-Attack includes an update service that keeps pace with current threats with bi-weekly.

IxLoad-Attack delivers the security testing depth and scale needed to satisfy both device validation and continuous protection of cloud infrastructures as well as enterprise, government, and service provider networks. IxLoad-Attack is the only product that provides malicious traffic over both encrypted and non-encrypted links. IxLoad-Attack runs in parallel with all other IxLoad functions. Customized, real-world network traffic provides the "good" reference traffic that security devices must forward without affecting customer quality of experience (QoE).

• 6,000 unique live security attacks, the most comprehensive solution targeting known vulnerabilities • Automatic updates via subscription service

• Multiple evasion techniques allows millions of attack permutations • Most comprehensive coverage for published Microsoft™ vulnerabilities

• Line-rate distributed denial of service (DDoS) attacks over1GE, 10 GE and 40 GE interfaces • Converged real-world application traffic mix with fully stateful voice, data and video emulations • Mix of legitimate and malicious traffic on same ports

• Measures security effectiveness, performance benchmarking and service availability • Backed by security research from two industry pioneers keeping IxLoad-Attack updated

• Delivery of attacks over IPsec tunnels for security and performance testing of VPNs and LTE security gateways

(2)

Features and Specifications

Feature Category Detailed Description

Published Vulnerabilities and Malware

• 6,000+ vulnerabilities and malware • Highest coverage of Microsoft vulnerabilities

• Subscription service with online and offline malware and vulnerabilities updates

• Measures security effectiveness • Emulates attacks over IPv4 and IPsec • Comprehensive attack metadata • Multiple attack evasions

• Packet capture using IxLoad’s embedded Analyzer • Attacker/server-initiated attacks

• Target/client initiated attacks (client based attacks)

Multiplay Voice, Video, Data and Wireless Protocol Support

• Internet: HTTP, P2P, FTP, SMTP, POP3, DNS and CIFS

• Video: IGMP, RTSP, Adobe Flash Player™, Microsoft Silverlight™, Adobe HLS, MPEG2, and H.264/AVC

• Voice: SIP, MGCP, H.323, H.248, Cisco Skinny™, FAX over IP, video conferencing and PSTN

• Wireless: 3GPP packet core protocols used by GGSNs

Distributed Denial of Service – General Features

• Both IPv4 and IPv6

• Botnet and target emulation • Attacks against live servers

• Attacks against intermediate devices

• Emulation of large botnets with millions of unique IP addresses

• Line rate attacks over 1GE, 10GE and 40GE interfaces • Mix of voice, data, video and DDoS traffic on same port • Mix multiple attack patterns on same port

(3)

Distributed Denial of Service Patterns ARP attacks ƒ ARP Flooding ICMP attacks ƒ Fragmented ICMP ƒ Host Unreachable ƒ Nuke attack

ƒ Ping of Death attack ƒ Ping Sweep attack ƒ TIDCMP attack

UDP attacks

ƒ DNS Flooding attack ƒ Evasive UDP attack ƒ UDP Flooding attack ƒ UDP Port Scan attack ƒ UDP Fragments attack

TCP attack ƒ TCP ACK Flooding ƒ TCP SYN Flooding ƒ TCP FIN Flooding ƒ TCP RST Flooding ƒ TCP Land attack

ƒ TCP Port scanning attack ƒ TCP SYN/ACK Flooding ƒ TCP Xmas tree attack

IP attacks

ƒ Malformed IP Options attack ƒ Nestea attack

ƒ Short Fragment ƒ Teardrop

IGMP attacks

(4)

Statistics

Distributed Denial of Service • Attack counters

o Attacks Sent/Received/ Not Received • Attack rates

o Attacks per second Sent/Received/Not Received • Attack throughput

o Attack Throughput Sent/Received • Per attack counters

o Attacks Sent/Received/ Not Received • Per attack rates

o Attacks per second Sent/Received/Not Received • Per attack throughput

o Attack Throughput Sent/Received • Drill down per port, attack and network

Published Vulnerabilities & Malware

• Attack counters

o Attacks Sent/Received/ Not Received • Attack rates

o Attacks per second Sent/Received/Not Received • Attack packet counters

o Attacks Packets Sent/Received/ Not Received • Attack packet rates

o Packets per second Sent/Received/Not Received • Attack throughput

o Attack Throughput Sent/Received • Per attack counters

o Attacks Sent/Received/ Not Received • Attacks - Distribution by year

o Attacks Sent/Received/ Not Received • Attacks - Distribution by vendor

o Attacks Sent/Received/ Not Received • Attacks - Distribution by severity

o Attacks Sent/Received/ Not Received • Attacks - Distribution by category

(5)

Ordering Information

o 925-3601 – One year security subscription for vulnerabilities and malware o 925-3604 – IXLOAD-VULNERABILITIES-MALWARE-BASE

o 925-3605 – IXLOAD-VULNERABILITIES-MALWARE-PLUS o 925-3606 – IXLOAD-DDoS-BASE

o 925-3390 – IXLOAD-STD-SECURITY, Software Bundle, L4-7 Performance Test Application

References

Download now ( PDF - 5 Page - 119.50 KB )

Related documents

AVA Victorian Division Annual Conference 2016

Annual Conference 2016 Keynote speaker Dr David Vail Equine Lectures on Friday of conference... about

A converse bound for cache-aided interference networks

We obtain an information-theoretic lower bound on both the peak normalized delivery time (NDT), and the expected NDT of cache-aided interference networks with uniform

The Leadership Experiences of Immigrant Nigerian Women in New York City

This qualitative study focused on the experiences of immigrant Nigerian women who are in current leadership positions in the United States and what impact the United States

DEBT, DONORS AND THE DECISION TO GIVE 1

14 The results here might suggest that nonprofits that do increase unsecured liabilities might successfully use their weakened financial position as a fundraising tool, or that

Your Medicare Health Benefits and Services as a Member of BlueCHiP for Medicare Core

Every year that you are a member of our Plan, we will send you either a Provider Directory or an update to your Provider Directory, which lists our network providers. If you don’t

Member Service Centre Phone Fax Web

From health insurance to travel insurance, home and contents to automotive insurance – members can save through the CPSU’s arrangements with Union Shopper and Member

The Impact of Mandated Corporate Social Responsibility: Evidence from India\u27s Companies Act of 2013

By combining a regression discontinuity (RD) framework (based on a nonparametric local polynomial regression approach) with a standard event study, we find a negative and

Risk Factors for Alcohol Relapse After Liver Transplantation for Alcoholic Cirrhosis in Japan

Abbreviations: ABO-I AMR, ABO blood type incompatibility–related antibody-mediated rejection; ALC, alcoholic liver cirrhosis; CI, confidence interval; CTP, Child-Turcotte-Pugh;