Saturday, July 27, 2013

Testing Firewalls

The firewall is your company's defence system, protecting vulnerable applications from outsiders. This defence system is clever: it allows in friends and keeps out enemies. Security testing of your firewalls is a vital aspect of your business security.

Performance is just one aspect of the quality assurance work that must take place on a new or upgraded firewall. It is important that the firewall performs under load and during sustained security attacks.
There are a number of considerations when planning a Performance Test and Security Test of your firewall.

Ideally the workload generated in a Performance Test would include a scenario in which both friendly and unfriendly requests are generated, because the firewall may have to work considerably harder while it is fending off an attack. A number of scenarios should be undertaken, including tests that determine:

The maximum number of TCP connections created per second
The maximum number of concurrent users that can be connected
The maximum HTTP request rate (hits per second) that can be achieved
The maximum bandwidth utilisation that can be serviced

In order to run the above tests a target application will have to be used. Which application is used is not important: it serves as a reflector, receiving requests and responding to them. The security testing of the firewall needs to monitor the reflector application to ensure that it does not itself become a bottleneck (a so-called artificial bottleneck), which would limit the ability to find the true limits of the firewall.
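The following harness, added here as an illustration and not taken from the post or from any of the products it mentions, shows what the four measurements above look like in practice and how to keep an eye on the reflector at the same time. It stands up a small local HTTP reflector, drives it with a handful of concurrent clients that each open several keep-alive connections and send several hits per connection, and reports connections per second, concurrent users, hits per second and bandwidth. It also records how busy the reflector itself was; `reflector_saturated` turns that into the artificial-bottleneck check. All names, the loopback target and the `reflector_capacity` figure are this example's own assumptions; in a real test the clients sit on one side of the firewall and the reflector on the other.

```python
# Added example (not from the original post): local firewall-limit harness with a
# monitored reflector. Target, parameters and capacity figure are assumptions.
import http.client
import http.server
import socketserver
import threading
import time


class ReflectorHandler(http.server.BaseHTTPRequestHandler):
    """Minimal target application: answers every GET with a fixed body and keeps stats."""
    protocol_version = "HTTP/1.1"  # keep-alive, so one connection can carry many hits
    stats = {"requests": 0, "busy_seconds": 0.0, "in_flight": 0, "peak_in_flight": 0}
    lock = threading.Lock()

    def do_GET(self):
        started = time.perf_counter()
        with self.lock:
            self.stats["in_flight"] += 1
            self.stats["peak_in_flight"] = max(self.stats["peak_in_flight"], self.stats["in_flight"])
        body = b"reflected\n"
        self.send_response(200)
        self.send_header("Content-Type", "text/plain")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)
        with self.lock:  # service time is what tells us whether the reflector is the limit
            self.stats["in_flight"] -= 1
            self.stats["requests"] += 1
            self.stats["busy_seconds"] += time.perf_counter() - started

    def log_message(self, *_):
        pass  # stats are collected above; keep the reflector quiet


class Reflector(socketserver.ThreadingMixIn, http.server.HTTPServer):
    daemon_threads = True


def start_reflector():
    """Bind the reflector to an ephemeral loopback port and serve it in the background."""
    server = Reflector(("127.0.0.1", 0), ReflectorHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server


def run_load(host, port, concurrency, connections_per_worker, hits_per_connection):
    """Drive the target with `concurrency` simultaneous clients; return the measured limits."""
    results = {"hits": 0, "bytes": 0, "errors": 0}
    lock = threading.Lock()

    def worker():  # one simulated user: a sequence of TCP connections, several hits on each
        for _ in range(connections_per_worker):
            conn = http.client.HTTPConnection(host, port, timeout=5)
            try:
                for _ in range(hits_per_connection):
                    conn.request("GET", "/")
                    payload = conn.getresponse().read()
                    with lock:
                        results["hits"] += 1
                        results["bytes"] += len(payload)
            except OSError:
                with lock:
                    results["errors"] += 1
            finally:
                conn.close()

    threads = [threading.Thread(target=worker) for _ in range(concurrency)]
    started = time.perf_counter()
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    elapsed = max(time.perf_counter() - started, 1e-9)
    return {
        "elapsed_seconds": elapsed,
        "connections_per_second": concurrency * connections_per_worker / elapsed,
        "concurrent_users": concurrency,
        "hits_per_second": results["hits"] / elapsed,
        "bandwidth_bytes_per_second": results["bytes"] / elapsed,
        "hits": results["hits"],
        "errors": results["errors"],
    }


def reflector_saturated(stats, elapsed_seconds, capacity, threshold=0.8):
    """Artificial-bottleneck check: busy_seconds / elapsed is the average number of busy
    handlers; if that approaches the reflector's capacity (worker pool size or cores,
    supplied by the tester) the limits just measured belong to the reflector, not the firewall."""
    if elapsed_seconds <= 0 or capacity <= 0:
        raise ValueError("elapsed_seconds and capacity must be positive")
    return (stats["busy_seconds"] / elapsed_seconds) / capacity >= threshold


def measure(concurrency=4, connections_per_worker=3, hits_per_connection=5, reflector_capacity=4):
    """Run one scenario end to end and return the limits plus the reflector verdict."""
    ReflectorHandler.stats.update(requests=0, busy_seconds=0.0, in_flight=0, peak_in_flight=0)
    server = start_reflector()
    try:
        host, port = server.server_address
        metrics = run_load(host, port, concurrency, connections_per_worker, hits_per_connection)
        metrics["reflector_peak_in_flight"] = ReflectorHandler.stats["peak_in_flight"]
        metrics["reflector_is_bottleneck"] = reflector_saturated(
            ReflectorHandler.stats, metrics["elapsed_seconds"], reflector_capacity)
    finally:
        server.shutdown()
        server.server_close()
    return metrics


if __name__ == "__main__":
    for name, value in measure().items():
        print(f"{name:30} {value}")
```

The point of `reflector_saturated` is the monitoring the text asks for: a run whose reflector comes back flagged as saturated has measured the reflector, so the result must be discarded and the reflector scaled up (or the load split across several reflectors) before the number is attributed to the firewall. The defaults are deliberately tiny so the script runs anywhere; the scenario sizes are the knobs a tester would raise step by step to find the actual limit.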

A tool will need to be chosen. While tools such as LoadRunner, Silk Performer and QALoad are very good at generating large workloads and simulating hundreds or thousands of users, they tend to do this well only for HTTP-type message protocols.

Spirent's Avalanche performance test tool can generate HTTP-type traffic as well as a wide range of non-HTTP protocols such as:

802.1Q and 802.1 Q-in-Q
FTP (Active/Passive)
SMTP
ICMP
CIFS
SIP over TCP
SIP over UDP
Unicast Streaming Quicktime RTSP/RTP
Unicast Streaming RealNetwork RTSP/RTP
Unicast Streaming Microsoft MMS
Multicast Streaming IGMPv2
IGMPv3
RTMP and MLDv2

Rather than record a single user session, Avalanche can be used to generate realistic network traffic consisting of multiple message protocols and types. Avalanche is not a tool that can be installed; it comes on a pre-configured box that can be slotted straight into your data centre, ready to go. Avalanche can be complemented by Spirent's Threatex product, which can be used to generate actual attacks against your defences. As little as five days is required to execute a Security Test that combines a Performance Test against your firewall.

Spirent's Avalanche can also be used to test the performance of network components other than the firewall, including your load balancers, routers and switches.
Your whole network implementation can be subjected to performance validation. Quality of Service (QoS) can be tested to ensure that your most important message types are not impacted by users browsing the internet, and fail-over and redundancy can be validated to ensure continuous service under high workloads.
