Ixia's IxLoad-Attack testing application can generate malicious traffic such as DDOS attacks and over VPN connections to give security managers a view of how well their security products perform.
Ixia is offering IT security administrators a network
vulnerability testing tool that can detect and exploit vulnerabilities in both
enterprise networks and cloud computing environments.
The IxLoad-Attack recreates malicious traffic and floods the
network to detect and exploit known vulnerabilities. With this testing kit,
security managers can thoroughly test cloud infrastructures as well as
enterprise, government, and service provider networks.
"Ixia's security test solution is the perfect tool for
verifying not only the effectiveness and accuracy of security solutions, but
also measuring key network performance while under attack," Vic Alston,
Senior Vice President of Product Development at Ixia, wrote in a Feb. 9
The tool can validate network security appliance performance
by assessing whether attacks were effectively and accurately blocked, according
to Ixia. The tool can also monitor network performance to ensure the appliances
aren't slowing down mission-critical applications while under attack.
It can also send malicious
traffic over encrypted and non-encrypted connections, Ixia said. The IxLoad-IPsec
application can be used to encrypt all types of traffic for performance testing of VPN
(virtual private network) gateways and other encryption devices. This ensures
that security managers can test how their networks handle malware in both
encrypted IPsec and SSL traffic as well as in normal traffic.
IxLoad test applications can authenticate sessions using
EAP, PPP, and NAC, Ixia said. It also uses GTE-encapsulation to test 3G and LTE
wireless core networks.
The testing tool has a comprehensive database of more than
6,000 unique attacks, Ixia said. IxLoad-Attack updates itself regularly to keep
its database of threats up-to-date. Along with malicious traffic, it can also
provide customized "good" traffic that can be used as a reference to test what
security devices are doing, Ixia said.
There has been an explosion in the type and volume of
attacks companies have to defend against, and the attacks have also become much
more complex. Malware like Stuxnet are targeting devices IT managers hadn't
thought about before, such as industrial controller systems, and the growing
popularity of cloud services within the organization means there are multiple
"boundaries" that need to be protected, Ixia said.
"Virtualized data centers, cloud computing, and network
infrastructures, while providing an economic means of satisfying Internet and
intranet requirements, vastly increase security enforcement complexity,"
With IxLoad-Attack, security managers can generate
Internet-scale distributed denial-of-service attacks in the controlled
environment to view how the network and applications would fare in a real DDOS
attack, according to the company. The DDOS feature can simulated various types
of attacks, including SYN,ICMP and ARP floods, Ixia said. While DDOS attacks
have always been a concern to IT managers, they have dominated security news
recently with high-profile attacks against corporations and government Web
"Security concerns are at the forefront of IT managers'
minds as they seek to balance security and access," said Jeff Wilson, Analyst
at Infonetics. With security products continuously being updated with the latest
threat information, security managers have to continually test existing network
configurations, Wilson said.
The IxLoad-Attack tool will be demonstrated during the RSA
Conference in San Francisco, Feb. 14 to Feb. 17.