BreakingPoint 2.2 Release: 250+ Enhancements
BreakingPoint release 2.2 is available as a firmware upgrade to all BreakingPoint customers under an ATI maintenance agreement.
BreakingPoint FireStorm CTM Support
Release 2.2 includes support for BreakingPoint's new high-performance blade, the BreakingPoint FireStorm CTM (sold separately). This 10GigE interface module supports 40Gbps per blade of traffic from more than 150 applications, as well as protocol fuzzing, and security strikes. The BreakingPoint FireStorm CTM chassis can hold up to three blades, providing 120 Gbps of blended traffic.
| BreakingPoint FireStorm CTM Chassis | Front-panel USB Port |
| Each BreakingPoint FireStorm CTM blade has an integrated system controller, allowing an additional blade in each chassis and increasing 10GigE port density by 50%. | A new front-panel USB port simplifies disk recovery and test import/export activities. If necessary, this functionality can be disabled. |
| Removable 160GB SSD Drive Tray | 4GB Capture Buffer per Port |
| The new removable SSD drive tray makes it easy to swap out hard drives. This enables easier switching between firmware versions, safekeeping of user data for secret or classified data, more usable storage space than current drives, and better reliability and performance than existing mechanical drives. | Each port now has a dedicated 4GB buffer for extended traffic capture and analysis. |
| Universal SFP+ Modules | |
| The BreakingPoint FireStorm CTM is equipped with universal SFP+ modules and supports 10GigE, 1GigE, 100Mb, and 10Mb operations. The SFP+ modules also support both copper and fiber interfaces. | |
Mobility
Long Term Evolution (LTE)
Only BreakingPoint lets users emulate massive-scale LTE networks with millions of subscribers sending mobile-specific application traffic and malware.
| LTE Test Lab | Serving Gateway (SGW)/PDN Gateway (PGW) Emulation |
| The new LTE Test Lab offers single-screen configuration of real applications running over LTE protocols at massive scale. It can be easily configured within minutes instead of days. | BreakingPoint products emulate a unified SGW and PGW to communicate with real or emulated eNodeBs or MMEs over the S1-U and S11 interfaces. |
| Mobility Management Entity (MME) Emulation | eNodeB and User Equipment (UE) Emulation |
| BreakingPoint products emulates the MME and communicates with an emulated or external Serving Gateway (SGW) over the S11 interface. The MME is the key control element of an Enhanced Packet Core (EPC). | BreakingPoint products can emulate millions of UEs (smart phones) behind thousands of eNodeBs (cell towers). |
| GPRS Tunneling Protocol (GTP) | S1 Application Port (S1AP |
| GTP allows you to test encapsulated mobile application traffic. The protocol encapsulates traffic to a specific port (not just an IP address). BreakingPoint products support GTP-c v2 and GTP-u v1 for LTE network emulation. | BreakingPoint products support S1AP, an LTE-specific protocol used in eNodeB-to-MME communication. |
| Stream Control Transmission Protocol (SCTP) | Complete Evolved Packet Core (EPC) Emulation |
| SCTP is a multi-homed protocol allowing a mobile client to talk to multiple servers, with failover. It works over both UDP and IP. BreakingPoint’s SCTP emulation is compliant with RFC4960, RFC4460, and ETSI TS 102 144 v1.1.1 (2003-5) as applicable, and includes initial support for h.323, HTTP, and S1AP. | BreakingPoint products simultaneously emulate all elements of a wireless network including UEs, eNodeBs, MME, SGW/PGW, and PDN (Internet) servers. |
| 3G Testing | GPRS Tunneling Protocol (GTP) |
| Current or “Third Generation” mobile networking technologies are in widespread use around the world. BreakingPoint emulates several 3G network components with unprecedented scalability. | GTP allows you to test encapsulated mobile application traffic. The protocol encapsulates traffic to a specific port (not just an IP address). BreakingPoint supports GTPv1 for use in 3G networks. |
| SGSN Emulation | Gateway GPRS Support Node (GGSN) Emulation |
| In 3G networks, the Serving GPRS Support Node provides both routing capabilities for packets traveling from radio towers to the GGSN, and mobility management functionality. BreakingPoint’s current SGSN emulation is for GTPv1 traffic encapsulation and communication with a GGSN. | GGSN handles the transfer of packets between the mobility network and external networks such as the Internet. BreakingPoint currently performs encapsulation and decapsulation of GTPv1 traffic between an external or emulated SGSN. BreakingPoint emulates both SGSN and GGSN concurrently to support testing and validation of Lawful Intercept and other Deep Packet Inspection (DPI) devices with GTP traffic. |
| Mobile Malware | |
| BreakingPoint products ship with 100 new mobility-specific security attacks that may be carried over wireless protocols. For more information on BreakingPoint malware support see below. |
Real User Traffic and Behavior
BreakingPoint products create real user behavior with hundreds of blended applications and new support for Markov text generation, additional application protocols, HTML generation, and new Super Flow actions.
|
Markov Text Generation The BreakingPoint product line now offers even more real application traffic with the inclusion of Markov text generation. BreakingPoint's Markov text generator analyzes input text and generates new text based on statistical probabilities. This feature provides support in the protocols where you would normally encounter human-readable text, such as Email, HTTP, Facebook, and Instant Messaging protocols. This feature is especially useful when used in conjunction with the BreakingPoint Lawful Intercept Test Lab. It provides better realism for deep packet inspection (DPI) and data loss prevention (DLP) devices by offering more meaningful text to search for in tests. DNS Retries With new capabilities included in release 2.2, DNS retries now follow real-world traffic patterns for DNS queries. Unicode Support for SQL Database Protocols BreakingPoint products now serve real-world applications in multiple languages and this feature enables unicode for database communications. Scheduler Improvements The newly updated BreakingPoint scheduler reflects user-specified bandwidth or flow weightings, even in the presence of highly randomized and variable traffic flows. Cisco RMIX Support BreakingPoint products now have built-in support for the Cisco-standard traffic mix. New Super Flow Actions
Application Protocols BreakingPoint has added a number of new application protocols to the portfolio of 150 that ship with all products including:
|
Dictionary Enhancements Dictionaries are useful for substituting data from a list into a Super Flow. They choose data from a dictionary file sequentially, in random order, or one choice per flow or per Super Flow. BreakingPoint products now support multiple simultaneous dictionaries, as well as user-supplied dictionaries. HTTP Pipelining Allows user to configure HTTP requests using pipelining. CSS/HTML Generator BreakingPoint has developed the world’s most realistic HTML generator for highly realistic web traffic modeling. Additionally BreakingPoint products can be used as a dynamic HTML generator to create realistic CSS formatting. Multiple File Attachment Generation A single generated message (such as an email message) can now contain multiple attachments of type docx, pdf, rtf, gif, jpg, mp3, html, and Flash. Any combination, either random or explicitly specified, may be generated. Application Profiles A newly expanded portfolio of application traffic mix profiles includes "Financial Trading Floor" and "Internet: Sandvine Fixed Access". Token Substitution BreakingPoint products now have new substitutions for use in Super Flows including:
Also token substitutions now work for DNS resolve actions. |
Security
Version 2.2 also includes enhancements to the industry's most current, extensive, and fully integrated security coverage:
| TCP Evasion Methods | Enhanced DDoS Attack Support |
| The 2.2 release adds new evasions to an extensive library including "Base64 encode HTTP POST Data", "Enforce SSL on strike socket", and "FILETRANSFER evasion" for determining behavior of malware transfers. | Breakingpoint offers enhanced DDoS capabilities including support for SlowLoris and slow HTTP POST attacks, and Low Orbit Ion Cannon (LOIC) DDoS traffic. |
| Live Malware | |
|
BreakingPoint products now ship live malware in addition to 4,500+ existing security strikes. This allows testing of anti-virus gateways and other behavioral analysis and contextual security devices. The live malware feature is usable only on release 2.2 and above. Malware is “disarmed” on the disk (executable bit inversion), but armed on the wire. Be careful! Capabilities include:
|
Financial Network Testing
BreakingPoint now delivers the industry’s highest-resolution application layer (L4-7) latency measurement and an adaptive reporting mechanism that continuously readjusts during text execution. This provides users with a better understanding of latency and its impact, as well as more visibility and resolution than any other provider in the market today. New feature includes:
- Automatic, adaptive latency buckets
- 10 nanosecond resolution
- Microsecond resolution for applications
- New Super Flow latency measurements
- Enhanced reporting
Additional capabilities include:
| Multicast Test Lab | Multicast Support |
| The new Multicast Test Lab includes a user interface for building simple test cases using up to 10 sources and 10 groups of subscribers. The lab uses sequential VLANs and subnets and includes a test editor for more flexibility. | With Multicast support, instead of sending a separate copy of data to each host, the server sends the data only once, and routers along the way to the clients make copies as needed. This functionality is especially useful for real-time network applications such as live video, live audio, stock quotes, and news feeds. However, it can also be applied to non-real-time applications such as replication services and content delivery. |
| Trading Floor Profile | OUCH 4.1 and ITCH Support |
| The 2.2 release adds a trading floor traffic profile that includes Super Flows of various financial institution protocols, complete with a mixture of both unicast and multicast traffic. The 10Gbps version of the test includes a load profile with large traffic bursts of more than 1 million packets per second, simulating real-world trading conditions. | BreakingPoint products now include the OUCH protocol, used by the Nasdaq exchange to conduct transactions in the options market. The products also include ITCH, a popular networking protocol for financial and trading-floor applications. |
Usability and Reporting
BreakingPoint's release 2.2 makes reports even easier to read and easier for users to find critical data. For instance, Tx/Rx on Application Data and Super Flow Data report sections have been combined for easier side-by-side analysis. Specifics include:
|
TCL User Interface
Offline Firmware and ATI Updates BreakingPoint products now provide the ability to easily update systems that are “air gapped” or otherwise not able to access the Internet. Strike Progress Indication The enhancements to the user interface in the BreakingPoint products now allows finer-grained indication of strike progress. DNS Server The 2.2 release now allows a DNS server to be set in the Network Neighborhood. Dedicated Reporting for Test Labs BreakingPoint products now have a new reporting section focusing on Lab-specific data that contains new task-specific graphs and tables. More Responsive User Interface This release improves times for the live HTML report viewer. |
RFC2544 Reporting RFC2544 reporting has been reformatted with new sections including:
GUI Cache Preload BreakingPoint products now have better UI responsiveness over slow or lossy connections. This is especially useful when connecting over VPN links. Improved Presets More BreakingPoint-tuned presets are included in the 2.2 release to help users achieve particular bandwidth rates or testing goals. Device Manager Screen BreakingPoint's Device Manager screen has been redesigned for improved ease of use. |
Cloud Computing and Data Center Testing
BreakingPoint's new Data Center Resiliency Score measures the performance of physical or virtualized server deployments using popular, real-world applications. It measures performance in terms of users and allows you to perform direct comparisons of different server platforms or configurations. Data Center Resiliency tests also validate server and application delivery infrastructure configurations and performance.
|
Dynamic Host Control Protocol (DHCP) Support With DHCP, each server supports up to 64,000 addresses. The BreakingPoint product acts as client, server, or both. BreakingPoint’s DHCP support provides DNS support and nonconsecutive address ranges and, by default, only responds to internal requests. Some of the benefits of using DHCP are that it enables plug-and-play test creation, and it allows validation of real DHCP server scalability on the network. |
Quality of Experience (QoE) Measurement The BreakingPoint Data Center Resiliency Score allows you to perform QoE measurement. This feature is primarily concerned with transaction latency and connection failures. |
Performance
The new release features record-breaking performance and superior flexibility in SSL testing on all BreakingPoint products.
|
Throughput Enhancements With the new SSL hardware offload capabilities users will, achieve up to 25Gbps of SSL throughput with DES, 3DES, RC4, AES128, or AES256 encryption. Device Support The new SSL architecture now supports SSL proxies, SSL offload devices, load balancers, and several other intermediate devices. Flexible Architecture BreakingPoint’s flexible SSL architecture works with any TCP application, and can easily switch back and forth between encrypted and cleartext communication mid-connection. |
New Operational Modes For optimal SSL performance, BreakingPoint automatically chooses between multiple operational modes on received encrypted data:
|
