SPIRENT NETWORK Ensure Your Carrier, Enterprise, and Mobile Network Infrastructure Is Secure

Network protection is the number one IT concern of businesses globally and significant investment is made in security products. Can they really be trusted? Don’t rely on vendor claims to thwart attacks that are becoming more complex by the day. Don’t put your network at risk. Trust in Spirent to validate that your network security system performs as intended.

The key to successful security testing is knowing what to test, Trusted Performance when to test and how to test. Any security solution must have the Spirent TestCenter with Spirent Avalanche™ and Spirent Studio™ ability to: security testing solutions are trusted industry-wide. Spirent ŊŊ Detect and prevent hundreds of thousands of known attacks, TestCenter has won numerous industry awards and has been blended attacks and vulnerabilities selected as the test solution of choice for countless public tests ŊŊ Maintain throughput with processor-intensive features like because of its capabilities. content-filtering enabled ŊŊ Maintain acceptable performance while under attack

Optimal times to test are prior to making any purchase decision, deployment on the live network, after network upgrades have been implemented to ensure devices are correctly configured, and before new services rollouts. Periodic testing is also advisable, especially at the rate new attacks are surfacing. Spirent TestCenter™ provides purpose-built, end-to-end security Spirent TestCenter C100 testing ranging from Terabit-scale, at line rate speeds to emulate daily business traffic, to validating security capabilities via testing, DDoS replication and much more. Spirent has experts and solutions that will assist in security test planning, either on-site Check Point 61000 Security System or virtually. Check Point selected Spirent’s security solution to test the performance and scalability of the 61000 Security System. Tested with Spirent Avalanche, the 61000 provides customers with the security and scale needed to meet the most demanding enterprise and service provider needs.

“The Check Point 61000 security system is a multi-bladed hardware platform for enterprise data

centers, telecommunications carriers and cloud service providers. Testing a high performance system

that can scale up to 1Tbps of firewall throughput with support for 70 million concurrent connections

and 600,000 sessions per second requires an equally high performance testing solution”

Fred Kost, head of product marketing

2 EANTC Security Performance Crossbeam X80-S

EANTC reached out to Spirent to test Crossbeam’s X80-S firewall in a test environment that emulated a next generation mobile network with one million active mobile subscribers and more than 107 Gbps of data throughput.

3 Network Security Testing Requires Unparalleled Flexibility and Converged Innovation

Spirent tests performance with realism at scale which provides visibility into production network scenarios in the lab with instant feedback. This is vital for enterprises and service providers that experience heavy traffic which may make them more vulnerable to security issues.

Testing the security of today’s converged IP networks requires a and mobile carriers to validate today’s all-IP network IDS and IPS test solution that can support and validate complex infrastructure abilities, throughput and performance under attack in the lab and across enhancements. Upgrades must be made to increase scale and live networks. performance and accommodate migration to cloud and virtual Spirent security solutions are capable of Terabit scale testing of millions technologies. Security systems must be updated for the new environment of concurrent connections for carrier, data center, cloud and large while maintaining security across existing legacy networks. enterprise networks. In addition, they are capable of testing application- Spirent TestCenter™ with Avalanche and Studio provides a fast path aware networks to ensure protection against today’s cyber-security forward by enabling equipment manufacturers, enterprise and fixed threats to mobile devices, tablets and laptops.

SPIRENT TESTCENTER 11U The Spirent TestCenter 11U chassis is the next generation in chassis architecture, designed SPIRENT TESTCENTER 3U to handle complex The Spirent TestCenter 3U chassis is the next generation mobile multiprotocol scale and chassis for Spirent HyperMetrics neXt test modules. It’s designed for cloud virtualization complex, multi-protocol scale and cloud virtualization testing needs. testing needs.

ŊŊ Designed for today’s secure app-aware mobile, enterprise and carrier networks ŊŊ Supports a full range of test cases ŊŊ Supports Spirent Avalanche, Spirent Landslide and Spirent Studio applications. 4 SPIRENT TESTCENTER C1 SPIRENT TESTCENTER C100 Layer 4 – 7 Layer 4 – 7 SPIRENT AVALANCHE™ SPIRENT STUDIO™ Terabit Scale Application-Aware Security/Performance UI Application Performance/Security Test UI

Performance and security testing for application- aware networks. Multi 10 Gbps security, attack and performance testing for ŊŊ Tests the impact of mixed security attacks and real network infrastructures, Web application infrastructures, application traffic at scale virtual/cloud infrastructures and Triple Play services. ŊŊ Measures the accuracy of DPI-based detection ŊŊ 40Gbps line rate support for Spirent TestCenter mX and classification 40G modules ŊŊ Validates the effectiveness of configured policies Provides support for virtual environments, including ŊŊ ŊŊ Tests DUT traffic inspection capabilities of malware, VMware, KVM, QEMU, Zen and Hyper-V undesirable URLs and spam and its ability to take ŊŊ Provides multi-protocol support appropriate defensive actions ŊŊ Extensive, flexible reporting ŊŊ Fuzzing testing of security solution for resiliency against ŊŊ 80 Gbps line rate support on C100 unknown zero-day attacks

11U 3U C100 C1 Virtual 11U 3U C100 C1

ŊŊ Ideal for network element engineering development, design and test ŊŊ Validates virtualized network performance, groups requiring physical access to a test port on the workbench scalability and security ŊŊ Ideal for network equipment manufacturers doing burn-in and ŊŊ Ensures seamless transitions when migrating to a production line tests requiring low port count and compactness virtualized data center or cloud environment ŊŊ Ideal for technical and field marketing groups that need to mirror ŊŊ Reduces TCO by testing virtualized infrastructure actual network scenarios and traffic patterns so networks, services prior to hardware or end-to-end testing with a 5 and individual network elements can be quickly validated single integrated system in a hybrid environment Save Time, Save Money with Optimized Infrastructure for Network Security Testing

SPIRENTSpirent out-performs TESTCENTER and out-scales the competition makingSPIRENT it easier to TESTCENTER achieve accurate, reliable testing HIGH PERFORMANCE AND SCALABILITY FOR HIGH SPEED ETHERNETENABLING THE TEST MOBILE BROADBAND EXPERIENCE HYPERMETRICSand deterministic results NEXT in less time.40/100 GIGABITHYPERMETRICS TEST MODULES MX 2, 4 AND 8-PORT 10G ETHERNET TEST MODULE

The Spirent TestCenter 10G Ethernet HyperMetrics mX test module with Cloud Core processing Benefit From Scalable Performance and enablesA maximumvalanche performance Layer and scale4-7 without user disabling Quality test ports. When testing Realism converged,of Experiencemulti-service devices, testing the HyperMetrics mX ensures delivery of the mobile The Spirent TestCenter 40/100G Ethernet HyperMetricsmultiplay neXt experience test bymodule combining highwith performance Cloud statefulCore traffic, high scale routing, processingSpirent TestCenter™ enables technology maximum is uniquely performance designed to test security,and scale access over andŊŊ Compatiblemobilehigh-speed control with plane industry Ethernet. on a single leading module. Targetinghigh-performance With 96 x 10Gtesting portsmulti-protocol in a single Spirent scalability, and availability from any-to-any point in the infrastructure. TestCenter chassis,application the HyperMetrics layer testing mX scales to 960 Gbps of stateful data performance, 6 million mobile subscribers and 1 million BGP sessions. of multi-terabitMaking sure the network routers is protected and high-scale from sophisticated cloud cyber-threats, infrastructure, HyperMetrics neXt ensures dataplane SOLUTIONŊ OVERVIEWŊ Provides full client/server capabilityAPPLICATIONS for self-contained deep session QoSand with maintains high acceptable performance throughput trafficand performance and verifies when under the scalabilityThe Spirent TestCenterlayer HyperMetricsof 4-7 routing, testing neXt™ modules access, use the application• Converged Mobile Routers and—Test firewall and DPI, mobile attack is a critical milestone toward delivering on the expectation highest performance Intel processors designed for cloud and high gateway capacity and performance, and mobile backhaul security protocols. With four 40G ports and two 100Gperformance portsŊ computing.Ŋ Provides per These module, processorsline rate are (up a fundamental theto 40Gbps HyperMetrics perthroughput, module) timing of neXtandstateful resilience traffic all from a singleand module of high QoE. building block of Spirent TestCenter Cloud Core™ processing, which • Mobile Gateways—Validate IP throughput and AnyG mobility 40/100G delivers the highest density high-speed Ethernetintelligently distributes millionstest resources solution of acrossemulated ports. This perusers architecture rack capacity unit. with millions of subscribers and per port line-rate data with is the foundation of the HyperMetrics neXt family of test modules, minimum sized packets and detailed per mobile statistics Combining Cloud Core and Intel high performance multi-core processors which support line-rate, stateful application traffic to extreme scale • Cloud Infrastructure & Applications—Ensure security on all ports ŊandŊ toProvides line-rate data hyper-realistic capacity on 32 ports. web, media, security/encryption, attack and with the award-winning HyperMetrics™ and HyperMetrics neXt™ devices, IDS/IPS, load balancers and applications meet their SOLUTION OVERVIEW APPLICATIONSThe Spirent TestCenterbusiness HyperMetrics™ traffic mX module emulation is available performance, availability, security and scale requirements platforms, Spirent TestCenter creates the foundation for testing next in 2, 4 and 8 port 10GbE variants for both SFP+ and 10GBase-T. • High Scale Terabit Routers—Test convergence and scalability Spirent TestCenter™ HyperMetrics™ neXt modules use the • EnablingHigh the ŊScale mobileŊ Provides broadband Terabit extensive experience, Routers the high-performance module: Test is 40G andof complex, HTTPS/SSL100G multi-protocol Ethernet capabilities topologies core with unprecedented generation network security. Spirent TestCenter Cloud Core is based designed to test converged devices that combine stateful features scale and realism most advanced Intel® processors designed for high performance likerouters DPI andŊ firewallŊ withProvides with highAny-G comprehensivemobile scale, gateways, multi-protocol high-scale IPsec tunnel topologies and encrypted traffic on patented technologies designed to add native elastic computing to MPLS mobile backhaul and terabit forwarding planes. With the computing. These processors are a fundamental building block of • combinationHigh Capacity Cloudcapabilities Core™ processing Multiservice allowing and the deep you Routers real-time to test : ANValidateY traffic IP throughputover IPsec tunnels the Spirent TestCenter Layers 2-7 performance test platform. Cloud analysis that Spirent TestCenter is known for, the HyperMetrics mX Spirent TestCenter Cloud™ Core processing, which intelligently deliversand enhanced Any G realism mobility with scale with and performance. millions of subscribers and per-port distributesCore uses resources parallel processingacross ports. to optimize This architecture testing tasks is the across all test line-rate data with minimum-sized packets and detailed per- Spirent TestCenter HyperMetrics mX 10G Ethernet Test Module foundationports– idealof the for HyperMetrics validating security neXt acrossfamily theof test most modules complex which converged IP mobileHyper statisticsMetrics neXt mX 10G Ethernet Module supportsystems. extreme With scale Spirent on TestCenter all ports. you can: • Data Center Fabrics: Validate the forwarding performance and The SpirentŊŊ Next-gen TestCenter firewalls HyperMetrics neXtŊ 40/100GŊ Load balancers Ethernet modules functional capabilities of ultra-high scale, next-generation are availableŊŊ IDS/IPS in twosignature levels validation of performance:Ŋ mXŊ DPI for engines the highest multi-terabit cloud data center fabrics available emulation performance and fX for cost-effective mid-level ŊŊ UTM ŊŊ DDoS testing emulation performance. They are available in 2-port 40G/ FEATURES & BENEFITS Web security gateways WAN optimizers 1-portŊ 100G,Ŋ 4-port 40G/ and 2-port 100GŊ Ŋvariants. Also available Testing 40GŊŊ Author or 100G tests Ethernet-enabled representative of events routers likely or data to be center encountered are versionsŊŊ Performance that support only 100G operationŊŊ Resiliency and only and 40G fuzzing testingswitches requiresin real networks a tester that can emulate multiple layers of operation for those applications that do not require dual speed network protocols and scale to perform real-time cause/effect capability. With the combination of Cloud Core processing and the analysisŊ onŊ Export millions these of visual,statistics automated while putting tests as the a script system to be through executed deepSpirent real-time analysis TestCenter that Spirent 40/100G TestCenter is Ethernetknown for, these realistic scenarios,within any such regression as dynamic test harness topology changes and fail- modulesHyper deliverM enhancedetrics neXt realism Test with scale Module and performance. overs. The Spirent TestCenter HyperMetrics mX 40/100G module’s Cloud CoreAchieve processing Accurate, and real-time Intelligent, cause/effect analysis enables testing highly- scaled terabit networks and devices. Dynamic Results Cloud CoreThe industry’s is based moston several accurate patent and comprehensive pending technologies set of real-time designedresults to add gives elastic you the computing insight to eliminateto the Spirent customer-found TestCenter defects. Layer 2-7 performance software platform. Cloud Core optimizes However, a test tool that delivers millions of individual metrics is not testing tasks across parallel processes, pooling processes across multipleenough. X86 processor Intelligent cores Results and provide threads. data Tests correlation beds builtwith hierarchical on Cloud Coreresults provide — bringing an exceptional important information combination to the of user’s scalable attention and performancemaking and drill-down realism analysis and are simple ideal for for transmit testing and the receive most statistics. complex converged IP systems, such as cloud data centers and high-performance mobile networks.

Modules support both 100G and 40G operation ŊŊ 1-port 100G CFP / 2-port 40G QSFP+ module ŊŊ 2-port 100G CFP / 4-port 40G QSFP+ module CFP, CXP, and QSFP+ in a single module ŊŊ 100G CXP support with ACC-6068A adapter 6 (supports copper connection) ŊŊ 40G QSFP+ support with ACC-6069A adapter Experience Increased Testing Efficiency Save Time, Save Money with Optimized Spirent TestCenter built-in automation tools make it easy to maintain a SWITCH test program that’s efficient and increases product or service speed to FIREWALL market — which is critical in today’s competitive world. TEST EQUIPMENT Infrastructure for Network Security Testing ŊŊ Spirent Test Expert software wizards show you how to test. Test cases guide the user through pre-defined test cases step-by COMMANDS DUT step. Finalized test cases may then be run immediately from the test environment or saved as a Tcl script for running in an integrated RESPONSES regression environment. ŊŊ Spirent TestCenter API is a powerful API that enables the test case author to replicate practically any GUI functionality in a user script. Only Spirent TestCenter provides native programmatic interfaces in Tcl, Perl, C, Java and Ruby, allowing you to work in the language of

your choice. TRAFFIC GENERATOR ŊŊ Spirent TestCenter Command Sequencer is a visual test authoring tool within the Spirent TestCenter UI. Users can: ROUTER ▸▸Emulate dynamic network behavior in test cases without writing a single line of code. ▸▸Emulate dynamically changing network conditions Spirent OnDEMAND Test Services ▸▸Author tests representative of events likely to be encountered Spirent OnDEMAND is a suite of packaged test services designed to in real networks detect and mitigate problems before you launch your new enterprise ▸▸Export these visual, automated tests as a script to be executed infrastructure, cloud services or applications. Through the use of proven, within any regression test harness advanced techniques, a structured testing approach, and full benefit of Spirent’s award-winning Spirent TestCenter test equipment, Spirent Spirent iTest Avalanche and Spirent Studio Security test solutions, we eliminate risks of inadequate security for new or enhanced data centers, converged iTest is a software solution for test productivity that integrates with networks, multi-play solutions and applications, and services. Spirent TestCenter. iTest allows developers and testers to rapidly develop new test cases without specialized programming expertise. Spirent OnDEMAND leverages the expertise of the Spirent Professional iTest uses unique and differentiated technologies to capture user Services team to provide hands-on assistance to meet all major security actions, orchestrate network testing across multiple devices, and easily testing needs. Our test methodology and automation experts are parse and analyze unstructured device responses. In addition, iTest IETF and RFC authors have developed industry benchmarks and best automatically documents all user actions and system device responses practices. They assist in defining standards and performance tests for saving significant time. The result is portable and maintainable test cases standards bodies and industry forums. that can be used for “lights out” . Spirent OnDEMAND has developed two categories of on-site package Spirent iTest provides a comprehensive approach for rapidly authoring Security test services: test cases. With iTest, developers, testers, and customer-facing Security Test Package personnel can: ŊŊ Attack detection/DDoS ŊŊ Worm outbreaks Orchestrate with network devices and traffic generators ŊŊ ŊŊ Evasion ŊŊ Performance under attack to create an automated system test solution ŊŊ Sessions supported include CLI, Test Equipment, SNMP, Web, Java Swing, Security & Application Performance Test Package Flash (Flex), web services, VNC, serial port, Tcl, and VMware vSphere ŊŊ Security testing (Package 1) ŊŊ Bandwidth/Throughput ŊŊ Utilize advanced analysis and conditional logic for pass/fail criteria ŊŊ Connections per second ŊŊ Failover/High availability and branching ŊŊ Concurrent connections ŊŊ Automatically generate comprehensive and customizable OnDEMAND network security test services include test equipment documentation for every run, providing proof of testing and concise rental, scalability and volume testing, endurance and soak testing, information for bug reports and issue resolution performance evaluation and tuning, and load and for ŊŊ Store test cases and test results in customer’s choice of source vendor device selection. control management and database systems, including SVN, SQL, HP ALM, and IBM Rational ŊŊ Create graphical topologies that provide a single-click connection to any testbed device for setup, teardown, or diagnostic procedures ŊŊ iTest topologies can be reserved for specific test case execution 7 and used to remotely change network topologies using Layer 1 and Layer 2 switches Americas Europe and Middle East Asia and the Pacific 1-800-SPIRENT +44 (0) 1293 767979 +86-10-8518-2539 1-818-676-2683 [email protected] [email protected] [email protected] www.spirent.com

© 2013 Spirent Communications, Inc. All of the company names and/or brand names and/or product names referred to in this document, in particular the name “Spirent” and its logo device, are either registered trademarks or trademarks pending registration in accordance with relevant national laws. All rights reserved. Specifications subject to change without notice.

Rev. A 01/13