Firewall Testing
Firewall Testing Overview
Firewalls have become an essential network device, evolving rapidly over the past two decades to include the latest technologies. Not only do Firewalls provide a strong level of security, they also allow for proper traffic flow. This need, plus the ever-growing list of applications that must be handled, means that Firewalls are consistently being configured with new rules and policies. Firewall testing must take all of these elements into consideration before deployment in order to measure true performance in a production network.
Traditional Firewall testing, based upon RFC 3511 and RFC 2544, was created at a time when testing vendors did not have the capabilities to test Firewalls with multi-gigabit-per-second speeds using stateful application traffic. As a result, traditional test criteria for Firewalls are focused on specific protocols, traffic or ports and determine throughput and forwarding rate for only unicast IP packets sent at a constant rate and packet size. This is not reflective of actual network traffic, nor does it take into consideration different features and settings now used in today’s Firewalls.
BreakingPoint CTO, Dennis Cox
“Firewalls are complex devices that no longer simply look at TCP headers or IP packs; today they incorporate technologies such as rate shaping and deep packet inspection. At the same time, Firewall testing failures and their subsequent performance and security problems in deployment have led to a reexamination of testing methods and even testing tools. People are beginning to realize that to test any network device, including Firewalls, you must provide the most realistic testing environment possible. The Firewall in your network will need to handle stateful application traffic, dynamic rule sets, live exploit tests, realistic device configuration, increasing data speeds and probably much more. You need to be testing the device in the exact same way.”
Firewall Testing Resources
Download BreakingPoint's Firewall Testing Methodology
(premium content requires registration)
Firewall Testing Advantages
Effective testing of Firewall performance requires an authentic blend of application traffic, combined with live security strikes, at speeds of 10 gigabits per second. See how BreakingPoint accelerates the development and testing of high-performance content-aware network equipment and application servers with realistic, responsive and easy-to-use performance and security testing products.
Realistic and Responsive: BreakingPoint concurrently generates realistic application flows with a mix of protocols and live security attacks for the most realistic high-performance server load testing possible.
- 90+ stateful application protocols, including HTTP, SMTP, VMware® VMotionTM, Microsoft® CIFS SMB, MAPI, Encrypted BitTorrent®, eDonkey, RADIUS, FIX/FIXT, Session Initiation Protocol (SIP) and more
- API for creating proprietary applications
- 4,200+ live security strikes
- Complete same-day Microsoft Tuesday coverage
- Application layer fuzzing for Zero-day attacks
- Dedicated application and security research team that provides weekly updates
High Performance: Breakthrough architecture delivers unprecedented realism, performance and throughput in a small footprint.
- 15 million simultaneous TCP sessions
- 1.5 million TCP sessions per second
- 20 Gbps of blended Layer 4-7 traffic per blade
- 40 Gbps of Layer 2-3 traffic per blade
- Scales to unlimited levels, with multiple systems using a single interface
Easy to Use: Automated testing reduces time-to-test by 50 percent or more, with a library of preconfigured tests, an intuitive Adobe® Flash-based user interface and a dynamic architecture.
- Generate millions of concurrent real stateful application connections from a single chassis
- Test application server in client-only mode or network-only mode of operation using client and server within one test unit
- Establish throughput performance in a single 3-slot chassis
- Easily combine multiple BreakingPoint chassis using a single management interface and test configuration with integrated reporting
Request a Personalized Demonstration
To learn more about Firewall Testing from a BreakingPoint expert, sign up for a demo today.