SOURCE: BreakingPoint Systems

ipv6 dual stack testing

September 15, 2009 10:30 ET

BreakingPoint Publishes Expanded Firewall Testing Methodology

New Version of Testing Methodology Provides Guidelines for Simulating Real-World Network Traffic to Help Validate the Performance and Resiliency of 10GigE Firewalls

AUSTIN, TX--(Marketwire - September 15, 2009) - BreakingPoint today released a new version of its popular Firewall Test Methodology, documenting the necessary steps to simulate the realistic network traffic required to ensure a 10GigE firewall performs as expected. Since the debut of the original Firewall Test Methodology, BreakingPoint Elite has been used to simulate global network conditions in testing hundreds of network security devices, including the much publicized testing of the Juniper SRX5800, the world's largest firewall. Using these real-world testing scenarios, BreakingPoint updated its Firewall Test Methodology to include dozens of additional testing tips and techniques. The BreakingPoint Firewall Test Methodology details how to test using realistic blended applications and live security strikes at full load and line-rate speed.

Get instant access to the entire Firewall Testing Methodology.

Excerpt from BreakingPoint Firewall Test Methodology

The BreakingPoint Firewall Test Methodology is designed to evaluate firewalls and will identify the performance characteristics of these devices as they operate in a production environment. It is crucial to understand that vendor-supplied datasheet specifications often reflect "best case" scenarios that do not mirror real-world performance. Additionally, many testing tools do not use an up-to-date library of known vulnerabilities, leaving your Firewall defenseless to attack. The test methodology below will help you recognize how and what to test to ensure the performance and security of your firewall prior to deployment.

Firewall testing is traditionally done using RFC 3511, "Benchmarking Methodology for Firewall Performance", specifically Section 5.1, "IP Throughput of RFC 3511", which focuses on determining only the throughput and forwarding rate for unicast IP packets sent at a constant rate and packet size. While stateless UDP traffic performance is valuable in determining the raw packet forwarding performance of the engine, it is not applicable to real world deployments.

The BreakingPoint Firewall Test Methodology is designed to accurately emulate the production environment in which the firewall will be deployed. BreakingPoint testing tools use the most recent vulnerabilities, stateful application mixes, accurate load, a pseudo-random number generator (PRNG) and more to ensure your test is realistic, repeatable and deterministic. By fully understanding a firewall's true performance, a network manager can effectively decide which vendor or model to use in their network, the appropriate product placement and when it is necessary to upgrade existing equipment.

Get instant access to the new Firewall Testing Methodology.

Additional BreakingPoint Test Methodology Resources

BreakingPoint provides a library of test methodologies designed to help service providers, enterprise and government buyers validate the performance, security and resiliency of a range of network equipment including:

Server Load Balancer Test Methodology

When performing server load balancer testing it is important to ensure that the device under test performs well and processes transactions reliably under adverse conditions, such as extreme load, security attacks and other anomalies. BreakingPoint explains how to test server load balancers under the most realistic conditions.

Intrusion Prevention Systems (IPS) Test Methodology

IPS require constant testing in order to verify the device is working properly, even after every upgrade and/or signature set. BreakingPoint details how to test IPS through the simulation of realistic global network traffic.

Deep Packet Inspection (DPI) Test Methodology

Effective testing of DPI functionality requires an authentic blend of application traffic, combined with live security strikes, at line-rate speeds. In this test methodology BreakingPoint examines how to test DPI capabilities in any network device.

About BreakingPoint

BreakingPoint accelerates the development and testing of high-performance content-aware network equipment, ensures network resiliency and reduces time to test with fast, accurate, responsive, and easy-to-use application, performance and security testing tools. BreakingPoint is headquartered in Austin, Texas, with offices throughout the world. For more information visit and download the latest resources for cyber security testing, 10GigE testing and more.

Contact Information


Keyword Cloud

View Website

  • ipv6 dual stack testing