Next-Generation Firewall Testing

Measure and optimize the performance, security, and stability of next-generation firewalls

Next-generation security devices are deployed not only to prevent attacks and stop vulnerabilities but also to recognize and control content-aware traffic. Unfortunately, the performance of a deployed next-generation firewall or IPS will never match what was printed on the vendor data sheet. The reason is simple: The device was tested in pristine lab conditions using a generic traffic mix, and now you are deploying it in a real network that is anything but pristine or generic.

Next-generation security devices demand next-generation testing that will subject the full range of conditions present in real-world networks. This means not simply testing on specific protocols, traffic, or ports but determining performance, security, and stability using real applications and user behavior. Legacy testing will provide inaccurate results since it is unable to do much more than examine throughput and forwarding rates for unicast IP packets sent at a constant rate and packet size. This means you are not factoring in or validating modern context-aware technologies such as rate shaping and deep packet inspection.

BreakingPoint Actionable Security Intelligence (ASI) solutions are the only capable of validating next-gen firewall and IPS testing using an authentic blend of stateful application traffic combined with live security attacks and massive-scale user load. BreakingPoint ASI solutions create the actual behavior of millions of wired and wireless users, hundreds of applications, and tens of thousands of security attacks to properly test firewalls.

By using BreakingPoint next-generation firewall testing, you will:

• Validate firewall performance and security under massive load from millions of simultaneous users
• Put content-aware device capabilities to the test before deployment by creating custom traffic mixes drawn from more than 160 communications, enterprise, social, and gaming application protocols
• Stress enterprise firewalls by selecting from more than 34,000 live security attacks and malware, plus obfuscations and evasions, to pinpoint potential vulnerabilities

Learn how Cisco used BreakingPoint solutions for next-generation firewall testing while reducing time-to-test.