BreakingPoint FireStorm

Comprehensive Platform: All-in-One Security and Performance Testing

The BreakingPoint FireStorm is a compact all-in-one security and performance testing platform that allows organizations to test all network and data center devices and systems using a variety of functionality, including:

• Network Profiles – Use preconfigured traffic profiles built to represent a range of network scenarios—wireless, global service provider, enterprise, government, and others.
• Application Simulator – Measure the ability of a network device to accurately process a variety of application-layer traffic flows.
• Client Simulator – Measure the ability of a server or server farm to efficiently handle extreme traffic volume by simulating the behavior of millions of concurrent users.
• Security Component – Subject a device to thousands of unique security attacks to validate blocking capabilities or confirm the stability of devices under attack.
• Session Sender – Measure the ability of a device to handle concurrent TCP sessions. This feature creates and maintains large numbers of valid TCP sessions with contrived data.
• Stack Scrambler – Measure the ability of a device to operate in the face of invalid IP, UDP, and TCP packets produced by fuzzing.
• Recreate Component – Capture and recreate traffic flows that are independent of network topology.
• Routing Robot – Measure the ability of a device to correctly route IP packets by producing IP packets with a UDP payload.

Real-World Conditions: 160+ Dynamic Applications

Real-World Applications and Granular Application Control – Select and blend stateful application traffic from a library of more than 160 stateful protocols. These are the world’s most used protocols, including AOL IM®, BGP, BlackBerry® Services, Encrypted BitTorrent™, FIX/FIXT, Google® Gmail, HTTP, HTTPS, IBM DB2®, MAPI, Microsoft® CIFS/SMB, MSN Nexus, Oracle®, PP Live, QQ IM, RADIUS, RIP, SIP, Skype, SMTP, VMware® VMotion™, Windows Live Messenger, World of Warcraft®, Yahoo!® Mail and Messenger, and many others.

Application Profiles – Choose from dozens of application traffic profiles, depending on your need, including those geared for enterprises, service providers, mobile carriers, and more.

Custom Toolkits – Use the optional BreakingPoint Custom Toolkits to accelerate attacks and unique/proprietary protocols.

Markov Text Generation – BreakingPoint's Markov text generator analyzes input text and generates new text based on statistical probabilities. This feature provides support in the protocols where you would normally encounter human-readable text, such as email, HTTP, Facebook, and Instant Messaging protocols. This feature provides better realism for deep packet inspection (DPI) and data loss prevention (DLP) devices by offering more meaningful text to search during tests.

DNS Retries – BreakingPoint DNS retries follow real-world traffic patterns for DNS queries.

Multi-Language Capabilities – BreakingPoint FireStorm simulates applications and corresponding text in dozens of languages, including English, French, German, Italian, Spanish, Japanese, Chinese, and Farsi.

Live Security Attacks: Malware, Mobile Malware, and More

Live Security Attacks – The BreakingPoint FireStorm has an extensive and always-current threat library of more than 34,000 attacks, with frequent updates published by our dedicated team of in-house security researchers.

Malware/Mobile Malware – The BreakingPoint FireStorm provides live malware and mobile malware for testing of anti-virus gateways and other behavioral analysis and contextual security devices.  Malware is “disarmed” on the disk (executable bit inversion) but armed on the wire. Capabilities include:

• More than 34,000 new live malware attacks, including 100+ new mobile malware attacks
• Attacks run over SSL, as well as multiple supported transports, including HTTP, SMTP, POP, and IMAP
• Encoding for live malware strikes, available via evasion options
• Support for file types for live malware, including .doc, .pdf, and .ppt
• Support for compression option for live malware, including ZIP, gzip, tar, and tar+gzip

City-Scale Mobility Testing: 4G/LTE and 3G Infrastructure

Telecom carriers rolling out Long Term Evolution (LTE)/4G and 3G networks must test mobile infrastructures efficiently and accurately under punishing real-world conditions, without spending a fortune to do it.

The BreakingPoint FireStorm is the only all-in-one product capable of city-scale mobility testing in a compact device. Working with an intuitive single-screen interface and a single, comprehensive, easy-to-maintain device, users:

• Easily create the behavior of millions of concurrent mobile users streaming video, texting, chatting, purchasing music, posting photos on Facebook®, or unknowingly sharing the latest malware
• Emulate key LTE network components, including millions of UEs and thousands of eNodeBs, plus Mobility Management Entities (MMEs) and Serving Gateways (SGWs)
• Evaluate application-aware devices in both 3G and LTE environments with support for GTPv1 and GTPv2
• Validate per-UE accounting, billing, and policy mechanisms

Easy to Use, Scale, and Update: Extensive Automation, Preconfigured Labs, and Intuitive User Interface

Network Neighborhood – Unique within the industry, the BreakingPoint FireStorm's advanced user interface separates application simulation components from a particular network topology, making it simple to scale and reconfigure simulations around new requirements and reuse parameters and application settings by layering them on top of easily reconfigured network topologies.

Device Control and Automation – Connect directly to a network or data center device and stress it with real-world traffic. This automation gathers performance and security measurements without the need for a separate switch.

Test Import/Export – The BreakingPoint FireStorm allow users to share and reuse simulations with easy import/export functionality and without coupling them to specific hardware or interfaces of a given chassis.

Simulation Labs – The BreakingPoint FireStorm comes with a number of preconfigured labs that automatically combine all the elements needed for many common assessments, including:

• Mobility Test Lab
• Multicast Test Lab
• RFC2544 Validation Lab
• Session Sender Lab
• Lawful Intercept Lab

Massive-Scale Performance: Create the Behavior of 90 Million Wired and Wireless Users

Reach unprecedented throughput levels with the only solution architected for performance, realism, and responsiveness using a patented network processor–based platform. The native 64-bit architecture of the BreakingPoint FireStorm delivers unparalleled performance in a single 3-slot chassis, including:

• 120 Gbps of blended stateful application traffic
• 90 million concurrent TCP sessions
• 3 million TCP sessions per second
• 24 Gbps of SSL bulk encryption with any cipher

The FireStorm scales to enormous performance levels with multiple chassis using a single user interface, one configuration, and integrated reporting.

Application and Threat Intelligence Service

Test and simulation conditions must reflect the latest security threats and applications so that you ensure your equipment and systems will perform reliably and protect networks from the most advanced and malicious traffic. BreakingPoint does the research for you by identifying and generating security attacks and application protocols that keep you current. BreakingPoint ATI provide updates on a regular basis, ensuring delivery of the industry’s most complete application and threat intelligence, including:

• More than 160 of the world’s most popular protocols, including AOL IM®, BGP, BlackBerry® Services, Encrypted BitTorrent™, FIX/FIXT, Google® Gmail, HTTP, HTTPS, IBM DB2®, MAPI, Microsoft® CIFS/SMB, MSN Nexus, Oracle®, PP Live, QQ IM, RADIUS, RIP, SIP, Skype, SMTP, VMware® VMotion™, Windows Live Messenger, World of Warcraft®, Yahoo!® Mail and Messenger, and many others
• More than 34,000 new live malware attacks, including 100+ new mobile malware attacks
• Periodic feature updates, including all-in-one test labs, performance upgrades, and the latest management tools
• A full range of support options, discounts on technical training, and consultation on your test plans to ensure they are current, rigorous, and comprehensive

BreakingPoint Resiliency Score

The BreakingPoint Resiliency Score™ and the BreakingPoint Data Center Resiliency Score™ have established standards against which network and security devices and data centers are measured. Each provides automated, standardized, and deterministic methods for evaluating and ensuring the resiliency of networks, network equipment, and data centers. These features of the BreakingPoint FireStorm provide a standard measurement of the resiliency of networks and data centers using real-world application traffic, real-time security attacks, extreme user load, and application fuzzing.

• The BreakingPoint Resiliency Score is calculated using standards by organizations such as US–CERT, IEEE, and the IETF as well as real-world traffic mixes from the world’s largest service providers.
• A user simply selects the network or device for evaluation and the speed at which it is required to perform for an automated measurement of resiliency.
• The BreakingPoint device then runs a battery of simulations using a blended mix of application traffic and malicious attacks, including obfuscations.
• The BreakingPoint Resiliency Score simulation provides a common network configuration for all devices in order to maintain fairness and consistency for all vendors.

Protocol Fuzzing

Application protocol fuzzing has long been part of any security auditor's toolkit, but more and more projects are beginning to use fuzzing as part of their normal process for measuring the resiliency of critical infrastructure. A fuzzer is a piece of software that intentionally sends out data containing injected errors. Simulating this invalid data exposes vulnerabilities and weaknesses.

BreakingPoint Firestorm provides a highly powerful protocol fuzzer, available in the Stack Scrambler component. This allows you to emulate malformed data or provide too much data in hopes that something will break, unveiling vulnerabilities that will be fixed.

DDoS Attacks

With BreakingPoint Actionable Security Intelligence (ASI) solutions, you will quickly and easily measure the ability of next-generation firewalls, IPS devices, anti-DDoS appliances, and other equipment to recognize and block malicious traffic. By combining authentic DoS and DDoS traffic with your network’s real-world mix of application, exploit, and malformed traffic, BreakingPoint gives you the insight you need into the effect of DDoS attacks on your applications, individual devices, networks, and data centers.

The BreakingPoint FireStorm provides nearly every DDoS attack scenario you need, including:

• MGCP and ISAKMP Notification, RTP Flood, ICMP Pings, UDP and URL Floods, Application Floods, TCP Full Connection Flood, MSSQL Echo Packets, SIP Invite/Register, TCP SYN Flood, SCTP Init, DHCP Discover, Multicast Flood (MDNS), Broadcast Floods (ARP, ICMP), and more

Extensive Reporting

The BreakingPoint FireStorm's extensive reporting offers the industry's quickest performance characterization and root-cause determination for problem isolation. Live HTML reports display comprehensive, detailed reporting at all layers – from the industry's highest-resolution application packet latency measurement to customizable application-specific transaction details – making it simple to analyze and understand test results.

• Export into CSV, XLS, PDF, HTML, ZIP, and RTF formats
• Configurable Test Criteria for automated "success/failure" determination
• Ethernet, TCP, and Super Flow detailed and aggregate reporting
• Per-user byte- and packet-level accounting for mobility applications