2008-11-20

Firewall Testing Methodology & Webinar

Wanted to give folks a quick preview of our upcoming high-performance firewall testing methodology which will be available on December 10th. That day we have put together a panel of network security experts for an interactive webinar on the new rules for testing firewalls. Panelists will include:

• William Graham, Check Point Architectural Engineering Manager
• Dennis Cox, BreakingPoint co-founder and CTO
• HD Moore, BreakingPoint Labs Director

The moderator for the panel will be Mike Hamilton, our Director of Product Marketing.  Below you can watch Mike introduce this latest testing methodology and be sure and sign up now for the firewall testing webinar!

 

2008-11-13

StrikePack Email Alerts Keep You Informed and Help Me Wrap Up a Theme

A bit of a public service announcement today for BreakingPoint users.  We started to offer StrikePack alert emails that will notify you when we release a new StrikePack.  You can opt-in for these emails by heading to the "Member's Access" page and hitting on "Preferences" and of course you can opt-out at any time.  You will typically see about one email a week.

Never one to let an opportunity go, this simple announcement becomes a convenient way for me to wrap up my theme this week and I wish I could say I did it all on purpose. As you know, BreakingPoint is consistently keeping users up to date with the latest application protocols and security vulnerabilities to ensure realistic testing. In just the past month BreakingPoint has released four StrikePack’s that include:

• 57 new Security Strikes, including coverage for October 2008 Microsoft Security Bulletins.
• Strikes for exercising and fuzzing various packets in the Routing Information Protocol most commonly used by 'routed for UNIX'.
• Addition of the Gnutella Peer-to-Peer protocol, used most commonly by the iMesh, Morpheus and Limewire clients.
• Updates to the Stack Scrambler component to switch rates once per second when the Rate Type is set to a non-static value.
• Addition of the Apple Safari and Google Chrome client profiles to the HTTP application protocol.
• ...and more.
  

This is exactly what I'm talking about when I wrote "Eliminating Complexity in Testing Tools" and "Are the Apps you Need for Testing at your Fingertips?" this week. You need the ability to evolve your testing as your network requirements and traffic evolve...and you should be able to do it easily and cost-effectively. Starting today you can get alerted to these updates even faster.

 

2008-11-12

Are the Apps you Need for Testing at your Fingertips?

The numbers are impressive when you look at peer-to-peer (P2P) network traffic. Recent reports estimate that more than 100 million files are exchanged each day using P2P networks and global P2P network traffic totals 61% of all upstream network traffic and 22% of downstream bandwidth consumption. Large numbers, but nothing compared to the growth estimates with P2P expected to surpass 100 exabytes per month by 2015.

I wrote the above last week when we announced support for testing network devices with encrypted BitTorrent. BreakingPoint obviously already had coverage for eDonkey, BitTorrent, Gnutella but writing this release and realizing these numbers really hit home for me the importance of using actual application traffic when you are testing network equipment.  Additionally I was doing research on our next supported application protocol and those numbers, in a relative sense, were even more staggering (hint: instant messaging protocol in a particular geography).

Encrypted BitTorrent adds an important element into the mix, since it has become a possible liability for service providers with many folks trying to avoid QoS policies, not to mention possible issues with file obfuscation, law enforcement avoidance and exploit prevention. Overall the immensity of P2P traffic has a severe affect on network devices, both from a performance and security standpoint, so as much testing you can do with this traffic the better.

However, beyond the particular application, this hits home on my gripe from Monday around the often artificial barriers put up that add complexity into the network equipment testing industry. When you are testing network devices you need to be using the traffic that will ultimately go through this device. Dennis wrote about this in "The World is Lacking Background Traffic". The question you have to ask yourself: do you have those application protocols at your fingertips during testing and if not are they easy to get?

2008-11-10

Eliminating Complexity in Testing Tools

A statement I heard on Friday: "Testing is hard, testing equipment should be easy."

My response: "Testing is hard, some tools make it harder and yes, it should be easy."

We've talked here about how to make testing easier, through better network equipment testing tools, but typically we focus on product features, script automation or an intuitive user interface. It goes beyond features however. Often companies introduce new testing products that may have been better served, for users, to be an added feature to the product they have already purchased. I realize that legacy testing vendors are cornered because of their original architecture and I also acknowledge the need for specialized testing products for particular needs, but all too often you are adding testing tools to your process, not to mention additional costs, simply to get a feature you need.

This is not unique to network equipment testing, in fact it is prevalent in the enterprise software space where adding product feature layers and subsequent license fees has become an art form.  It is not wonder that the SaaS movement gained so much traction and that people rush over to open source. Many times, particularly at the onset, a vendor can actually use this complexity to generate a great deal of revenue and FUD. The product complexity model works when there are limited players in the market to challenge the norm and before users have grown tired of trying to piece all of these different products together.

Making your testing life easier is not simply about product features, I get that, instead it should stem from the way the product is designed, sold, updated, packaged and how you provide training and support. This ability to minimize complexity and maximize functionality, particularly in this economic environment, will serve companies well in their success.  Kevin Costner may have heard "Build it and they will come", had he been a network test engineer his internal dialogue may have muttered "Build it, make it all-in-one and eliminate product redundancy and licensing complexity and they will come".

2008-11-06

Network Equipment Testing in APAC

I recently sat down with Leonard Zhang out of our Beijing office, to chat about the network equipment testing market in the Asia Pacific (APAC) region.  Wanted to share some of our conversation and see if it resonates with some of the experiences many of you have had in global organizations.

What current trends are you seeing in APAC?

In the past months, we have been interacting with many potential customers throughout the region and observed an increasing trend of interest around application and security testing. It is something good to see. The APAC technical wave mostly follows the U.S. trend, maybe 1-2 years delay. But we see the gap closing, for sure. In my personal opinion, the big picture APAC needs to overcome some cultural issues first in order to take the lead at least in some area.

How is your market different in terms of mindset?

A typical Asian puzzle is the conservative mindset. For example, it happens that when we see some potential customer, the first response might be "we never heard of such a testing tool, so no interest" or "a new tool, we don't believe well in new tools...". Such an enclosed mindset, I guess, is not rare to see in some Asian markets. People usually doubt the new innovations but forgot that every great company/product came with a new hat.

With that in mind, how will BreakingPoint make an impact?

Application and security testing is very complicated, and as I stated above it is seeing very high levels of interest, so I am glad that I joined BreakingPoint who understands the complexity of this market. Application and security testing is constantly changing, so it is always new.

What is your goal in bringing innovative network equipment testing to APAC?

I hope we can speed up the process of the "appreciating new stuff" attitude in APAC through our efforts. Only open minds can lead to a position of pioneers, which Asia is really lacking today. Japan would be a good role model to its neighbors in this area.