National IPS Testing Week
Looks like this is the week to talk about IPS testing. NSS Labs had some very interesting news and a blog post around their upcoming testing of 10 Gbps IPS devices. BreakingPoint is involved with the NSS Labs test, who released their IPS test methodology in conjunction with the announcement. It is important and interesting to watch other testing methods, particularly from a respected group like NSS Labs. This got me thinking about the one video in our series that I mentioned in my earlier post; "Testing Victims". This video brings home a critical issue around testing content-aware devices when Rik and Dennis discuss how the equipment most likely won't come within 50% of their public performance claims. And the guys note that it's not their fault. It's the legacy testing equipment they used that couldn't truly test the devices with stateful application traffic at the right speeds.
Because I hate to see "National IPS Testing Week" (my unofficial claim...for now) come to an end I wanted to highlight some of the individual videos, starting with "Testing Victims". You can check out all eight videos on the IPS Test page.
Test Methodology Released: Calling the Community
A week or so ago I posted our introduction video for a test methodology series that BreakingPoint is putting out to the community. Today we made the first methodology public, this one for Intrusion Prevention Systems (IPS). Dennis and Rik do a fantastic job in the videos, broken into eight “chapters”. They describe the methodology, testing techniques and results. My personal fave...when they talk about the testing "victims".
Here’s the thing, these are a great resource, guidelines if you will, to effective testing of content-aware network equipment. But they are a starting point, and this is exactly what Dennis and Rik had in mind. They want to hear from people about the methodologies. This should be a community effort for anyone interested in testing next-gen network devices.
I’ll get us started…what would you like Dennis and Rik to test next? Leave your thought in the comment below.
Here is the main page with the links to the series of eight videos.
Introduction video is below if you missed it the first time:
P.S. If you haven't already, check us out on Twitter.
IPS Test Methodology Intro
We've been busy with a lot of exciting developments in BreakingPoint Labs, one of which you will hear about on Tuesday. I thought that I would whet your appetite a bit though and post up this intro video starring our own Dennis Cox and Rik Maerz. In this video, one of eight we will be posting along with materials, Dennis and Rik introduce the upcoming Intrusion Prevention System (IPS) test methodology being put together by BreakingPoint for testing a range of IPS devices.
I personally found the videos and ultimately the test methodology to be extremely helpful in understanding the full capabilities of our products. What resonated with me the most was how you can apply your tests to measure a variety of instances, vulnerabilities, application protocols and more. This remains true across different devices. As you will hear in the video Dennis and Rik generated the methodologies by testing a spectrum of devices (and they also do a clever job of censoring the actual names).
Go check out the intro here and stay tuned for episode 2, a discussion of past IPS tests.