APRIL 30, 2009

According to My Competitors I'm No Longer An Idiot

UPDATE: In Spring of 2010 BreakingPoint unveiled the pioneering Cyber Tomography Machine to help you with problems such as the ones described in this post. Read more.

BreakingPoint is growing by leaps and bounds, as evidenced by our news release we put out a few weeks ago. We are really excited about our growth and that people are now demanding our approach to testing. Sales numbers aren’t the only way to measure growth; the reaction of your competitors is another way. This isn’t our first rodeo and one thing remains constant in business; you know you are growing faster than the competition when they stop calling your ideas dumb and start adopting them. I thought it would be fun to point out a few examples.

Layer 2-7 Testing

BreakingPoint was founded because of our frustration as equipment manufacturers with the testing industry. We knew the only way to test is by testing Layer 2-7 completely. Unfortunately at the time, and to this day, test vendors such as Ixia and Spirent have different solutions for Layer 2/3 and Layer 4-7 testing, meaning additional hardware, additional licenses and disparate reporting and of course Windows-only management software to run them.

At the latest round of trade shows, it was great to see our competitors (Ixia and Spirent) talking more and more about comprehensive Layer 2-7 testing. It means they are listening to the community now, and in the future hopefully provide comprehensive solutions. The first step is always to market it, and the second step is to build it. They just got to the first step but hopefully will advance to the second step. Granted the second step is a bit bigger than just updating a website.

Application Protocols

Each application protocol brings its own challenge to your network and the gear that runs your network. It comes down to a simple fact, if you aren't testing network equipment and servers with the same application protocols that they will be hit with in the real world, they will fail. Today we have more then 70 stateful applications for use in testing and we were the first to allow for testing with applications such as VMware VMotion, AIM, CIFS/SMB, BitTorrent and many others.

I beat the drum around application protocols as a customer of test equipment for 10 years and I guess I didn’t bang loud enough. Now, I see that Ixia supports 10 application protocols as of today, but please leave me a comment if you know of more. I know 10 doesn’t sound like a lot compared to 70, and it’s not. But it’s a huge increase from pure BitBlasting that they mostly focused on.

Security

Many of us who started BreakingPoint have backgrounds in security and security equipment. Not only have we discovered multiple security vulnerabilities, but also we have deep knowledge about how security affects performance. Any equipment can perform admirably with no security policies on and zero strikes hitting it, but show me performance when all the policies are on and the box is getting hammered. Much like our focus on application protocols, this is the reason we supply 4,000+ security strikes, 80+ evasion techniques, application layer fuzzing and complete Microsoft Tuesday coverage.

In the realm of security we are now seeing our competitors incorporate a dose of security into their solutions. An example is Ixia's partnership with Codenomicon (they were sharing a booth at RSA Conference), and Spirent’s ThreatEx product. It is good to see folks moving in this direction since it is so important. I would just stress to testers to make sure you test security and performance at the same time; otherwise you aren’t doing any testing. In the real world, security attacks happen at the same time as legitimate traffic, testing them separately provides almost no value.

Simplifying Licensing

In my past as an equipment manufacturer and testing tools customer, the complex pricing and service models presented by test vendors constantly frustrated me. I can remember too many times when I was sold test equipment and then had to buy additional licenses and modules to actually make it work properly…don’t even get me started on the multi-page proposals.

This not only stalls development, it leaves a bad taste in the mouths of engineers about testing. Our goal was to provide a complete service and support package for each user that gives them everything they need, from the latest firmware upgrades to all the application protocols and security strikes at a single price…eliminating the need for licenses. Our competitors’ current architectures make this technologically difficult, but their embracing of other elements tells me that perhaps the time is coming when we will see a more simplified pricing model throughout the industry.

Network Processors

Earlier this year we doubled the performance ability of our 3-slot BreakingPoint Elite chassis from 20 to 40 Gbps of Layer 4-7 app traffic through a firmware upgrade for all of our users. Our use of network processor technology allows us this flexibility and enormous benefit for users. The key, of course, is in how you program the NP and for nearly ten years we have been actively working at this skill.

This sentiment seems to not be shared by Spirent during a discussion in this LinkedIn message board (need to join the LinkedIn group), but Ixia announced at Toolapoolza they are coming out with a network processor powered blade: beta is May 11th and release is scheduled for June 11th. I am so excited about this; I’m a big fan of network processors no matter who uses them. I can’t wait to see what they get out of it. It was getting lonely being the only one able to do high performance application protocols (7.5 million concurrent connections at 20 Gbps per card as of release 1.3.1 and continues to increase).

Stalling

Our fellow test vendors have been convinced we are on the right path and are starting to follow along. Heck, from our website traffic analysis, folks from Ixia and Spirent are spending an average of 2.5 hours per day on our website. That would be fine, except they spend so much time downloading my picture I may file a stalker petition with the courts. Do they even have courts in Romania, home of the Ixia Development Center? ;)

The stage they are currently in is called the “Stalling stage”. Tell the customers you have the same thing and it’s cheaper and faster and available next quarter. And they say that every quarter – the truth is that annoys customers and causes more problems than it solves. It also sends more business my way when they fail to deliver.

Goliath vs. Daniel

My favorite thing about writing this post was that during proof reading it struck me how Spirent (LSE: SPT.L) has 1,500 employees and Ixia (NASDAQ: XXIA) has 850 employees. We are, of course, significantly smaller, but this allows us to develop faster, quicker and smarter then these guys, well at least according to them. It's not always the guy with the slingshot, sometimes all it takes is vision :)