Upload
others
View
6
Download
0
Embed Size (px)
Citation preview
BreakingPoint Storm CTM™
Is Your Network Infrastructure Resilient Against Attack and High-Stress Application Traffic?The BreakingPoint Storm CTM™ finds previously impossible-to-detect stress fractures in your network, network devices or data center before they are exploited
The BreakingPoint Storm CTM is a Cyber Tomography Machine designed
for the world in which we live—a perilously interconnected universe with
escalating network traffic and cyber attacks from a growing list of enemies.
It is the only product that allows you to pinpoint previously impossible-
to-detect weaknesses and vulnerabilities in network components such
as routers, switches, firewalls, servers and data centers before they can be
exploited to wreak havoc within your critical network infrastructure.
Why Cyber Tomography? Why Now?
While the term Cyber Tomography may sound unusual to describe a
cybersecurity product, consider the following analogy. X-ray computed
tomography (CT)—or the medical CAT scan—was a breakthrough that
allowed physicians to visualize the inner workings of the complex human
body under stress to detect impossible-to-see abnormalities. Much like a
CAT scan that requires the injection of dyes and the emission of waves of
energy into the body, BreakingPoint’s Cyber Tomography Machine (CTM)—
the BreakingPoint Storm CTM—emits extreme application and malicious
traffic into network devices and systems while recording and displaying
the effects over time. Based on a breakthrough in network processor
technology and a future-proof product architecture, only BreakingPoint
Storm CTM can provide this unprecedented insight by producing these
real-world conditions:
• A custom blend of stateful application and malicious traffic for your
network at 40 Gigabits per second
• An always current real-world mix of applications and attacks
• Unprecedented scalability producing true global network scenarios
and traffic from millions of users
With the ability to simulate real-world conditions at those performance
levels, only the BreakingPoint Storm CTM can truly measure the
resiliency and accuracy of products that rely on deep packet inspection
(DPI) technology—network devices, lawful intercept systems, data loss
prevention solutions and more. By measuring the resiliency—performance,
security and stability—of discrete network components under high-stress,
hostile conditions, BreakingPoint enables you to find the hidden stress
fractures lurking within your critical network.
Comprehensive Applications, Attacks, Service and Support
BreakingPoint also offers the BreakingPoint Application and Threat
Intelligence (ATI)™ Program, an all-in-one service backed by a team of
security experts. This program keeps your BreakingPoint Storm CTM
updated with the latest security attacks and applications, as well as new
product features and performance upgrades as they are released.
Enterprises, government agencies and contractors, service providers
and network equipment manufacturers at the forefront of the war on
cybercrime rely on BreakingPoint products and expertise to:
• Harden Network Infrastructures: Assault network infrastructures
with a custom, global and current blend of stateful applications, live
security attacks and extreme high-stress load to measure resiliency.
Gain visibility into never-before-seen areas of your network, probing
every weakness and vulnerability to pinpoint hidden stress fractures.
• Optimize Data Center Resiliency: Simulate the behavior of millions
of users, a crush of real-world application traffic and live security
attacks to ensure that data centers will be resilient under hostile
conditions—all without the need to deploy racks of high-speed
servers and costly software.
• Evaluate Network Equipment: Evaluate and select the most
appropriate network equipment for your infrastructure with
standardized, repeatable and deterministic product assessments.
Measure and harden the resiliency of routers, switches, firewalls, IPS,
UTM and other devices by subjecting them to real-world conditions
prior to deployment and after patches or configuration changes.
• Maintain Resiliency and Compliance: Identify network devices or
systems that would benefit from tuning and configuration changes.
Audit and maintain standards compliance throughout the life cycle of
network devices and systems.
• Research and Train Security Experts: Re-create global-scale network
conditions and the ever-changing threat landscape. Analyze the
impact of traffic on network devices and systems to conduct research
and train the next generation of security experts.
Learn More Inside >>
BreakingPoint Storm CTM™
The BreakingPoint Storm CTM measures how your network or data center
will weather cyber attack or the stress of high-volume traffic with a solution
that is:
Comprehensive: Simulates Real-World Scenarios
The BreakingPoint Storm CTM provides comprehensive simulations for any
situation:
• Network Profiles – Use preconfigured traffic profiles to represent
a range of network scenarios—wireless, global service provider,
enterprise, government and others
• Application Simulator – Measure the ability of a network device to
accurately process a variety of application layer traffic flows
• Client Simulator – Measure the ability of a server or server farm to
efficiently handle extreme traffic volume by simulating the behavior
of millions of concurrent users
• Security – Subject a device to thousands of unique security attacks to
validate blocking capabilities or confirm the stability of devices
• Session Sender – Measure the ability of a device to handle concurrent
TCP sessions by creating and maintaining large numbers of valid TCP
sessions with contrived data
• Stack Scrambler – Measure the ability of a device to operate in the
face of invalid IP, UDP and TCP packets produced by fuzzing
• Re-create – Capture and re-create traffic flows that are independent
of network topology
• Routing Robot – Measure the ability of a device to correctly route IP
packets by producing IP packets with a UDP payload
Realistic and Adaptive: More Than 4,500 Security Attacks and
130 Applications With Frequent Updates
The BreakingPoint Storm CTM adapts to the ever-changing cyber landscape
with the latest real-world applications and live security attacks.
• Live Security Attacks – With security in our DNA, BreakingPoint
provides an extensive and always current library of 4,500 realistic
security attacks with updates published by our dedicated team of
in-house security researchers. Using advanced security coprocessor
technology, these attacks are randomized, obfuscated and
undetectable by trivial pattern-matching intrusion prevention system
(IPS) algorithms
• Microsoft® Tuesday Updates – Ensure that your network or device is
fully covered with full Microsoft Tuesday coverage
• Real-World Applications – Select and blend stateful application
traffic from a library of more than 130 of the world’s most popular
applications: AOL® IM, Google® Gmail, FIX, Gnutella, IBM DB2,
VMware® VMotion™, HTTP, Microsoft® CIFS/SMB, MAPI, Oracle,
Encrypted BitTorrent™, eDonkey, MSN® Nexus, RADIUS, SIP, Skype™,
Windows Live™ Messenger, World of Warcraft®, Yahoo!® Mail, Yahoo!®
Messenger and many others
• Custom Toolkits – Optional Custom Toolkits accelerate attacks and
proprietary protocols
BreakingPoint Storm CTM Cybersecurity Advantages
Real-World Application and Network Profiles
• Preconfigured stateful application traffic profiles for a range of networks:
mobile, service provider, enterprise, government, higher education and
others
• Blend of more than 130 global applications, such as AOL® IM, Google®
Gmail, FIX, Gnutella, IBM DB2, VMware® VMotion™, HTTP, Microsoft®
CIFS/SMB, MAPI, Oracle, Encrypted BitTorrent™, eDonkey, MSN® Nexus,
RADIUS, SIP, Skype™, Windows Live™ Messenger, World of Warcraft®,
Yahoo!® Mail, Yahoo!® Messenger and many others
• No performance degradation with blended protocols
• Stateful re-creation of captured traffic, including an industry-leading
2 Gigabytes of capture buffer per port
• Optional Custom Application Toolkit for proprietary applications
Live Security Attacks
• Searchable library of more than 4,500 live security attacks and frequent
updates
• Comprehensive Microsoft® Tuesday coverage
• More than 80 evasions to validate common security defenses
• Optional Custom Strike Toolkit for custom attacks
All-in-One Application and Threat Intelligence
• The latest attacks and applications as well as new product features,
upgrades, maintenance, service and support
• Backed by dedicated Application and Threat Intelligence team
Deep Packet Inspection (DPI), Data Loss Prevention, Anomaly Detection
and Lawful Intercept Validation
• DPI validation using needle-in-a-haystack scenarios
• Ability to embed anomalous traffic patterns and multilingual keywords
into tens of millions of data streams
Easy to Use, Easily Scalable
• Intuitive object-oriented user interface for creating realistic simulations
• Wizard-like labs for accelerating configuration
• Ability to scale to unlimited performance levels
Unprecedented Performance from a Single Chassis
• 40 Gbps of stateful application traffic
• 80,000+ SSL sessions per second from a single chassis
• 30 million concurrent TCP sessions
• 1.5 million TCP sessions per second
• 600,000 steady-state complete TCP sessions per second
Comprehensive IPv6 Compliance Validation
• Most current and complete IPv4/IPv6 dual-stack
BreakingPoint Storm CTM™
Fast: Emits High-Stress Traffic Composed of Millions of Users, 40 Gb of Stateful Applications and 80,000 SSL Sessions per Second
The BreakingPoint Storm CTM emits a high-speed mix of hundreds of application protocols, thousands of security attacks and millions of users to measure the
resiliency of your network infrastructure against attack and high-stress load.
• High-Speed Blended Application Traffic – Assault network devices and networks with up to
40 Gigabits per second (Gbps) of stateful application traffic in a single chassis
• Network Processor–Based Architecture – Reach unprecedented throughput levels with
the only solution architected for performance, realism and responsiveness using a patent-
pending network processor–based platform. The native 64-bit architecture delivers
unparalleled performance in a single 3-slot chassis:
• 40 Gbps of stateful application traffic
• 80,000+ SSL sessions per second from a single chassis
• 30 million concurrent TCP sessions
• 1.5 million TCP sessions per second
• 600,000 steady-state complete TCP sessions per second
• 1GigE and 10GigE Interfaces – Mix or match your choice of an 8-port 1GigE or 4-port 10GigE
interface card
• Scalable – Scale to enormous performance levels with multiple chassis using a single user interface, one configuration and integrated reporting
Easy to Use, Scale and Update: Provides Extensive Automation, Preconfigured Labs and Intuitive User Interface
The BreakingPoint Storm CTM makes it easy to reuse scenarios, parameters and application
settings; run concurrent independent simulations; and even perform all features via the Tcl
API. Create and modify complex evaluations and measurements without the need for time-
consuming scripting and reduce configuration time to a matter of minutes.
• Simulation Labs – Streamline configuration with a library of preconfigured simulations
that combine all the elements needed for many common product assessments,
including:
• BreakingPoint Resiliency Score™
• RFC 2544 Validation Lab
• Mobile Network Optimization
• Session Sender Lab
• Device Control and Automation – Connect directly to a network or data center device to
gather performance and security measurements without the need for a separate switch
• Simulation Import/Export – Enable multiple users to share and reuse scenarios for a range
of devices with an easy-to-use bulk import/export functionality
• Real-Time Statistics – Immediately visualize measurement data during the evaluation
• Extensive Reporting – Generate comprehensive and configurable reports, in Web/PDF
format or as raw data, that provide insight and analysis to staff at all levels. Automatically
produce detailed reports to streamline remediation efforts
• ATI Program for Updates, Service and Support – Automatically receive the latest attacks,
applications and operating systems upgrades at no additional cost, as well as access to
comprehensive service and support
• Network Neighborhood – Unique within the industry, the BreakingPoint Storm CTM
advanced user interface separates application simulation components from a particular
network topology, making it simple to scale and to reconfigure simulations around new
requirements. This object-oriented user interface eliminates complexity and makes it easy
to reuse parameters and application settings by layering them on top of easily reconfigured
network topologies
BreakingPoint Storm CTM Application ManagerChoose from more than 130 applications, and tailor each protocol and
simulation to your exact needs.
BreakingPoint Storm CTM Intuitive User InterfaceCreate and modify complex simulations with built-in automation,
preconfigured labs and an intuitive user interface.
BreakingPoint Storm CTM Strike DatabaseSearch for the live security attacks you need; save them in a smart list
and it will automatically update with the latest attacks that fit your
original search criteria.
BreakingPoint Storm CTM™
• Multi-User – Conduct up to 16 concurrent simulations for maximum productivity,
and add multiple users with varying privileges
• Scalable Simulation – Scale to enormous performance levels by linking multiple
BreakingPoint Storm CTMs using a single user interface, configuration and
integrated reporting
• Tcl API – Build your own sophisticated scenarios with our full-featured
programmatic Tcl interface
Repeatable, Deterministic and Scientific: Leverage Proven
Methodologies, Repeatable Labs and Pseudo Random
Number Generation
The BreakingPoint Storm CTM features prepackaged simulation labs for standardized
and repeatable assessments. The product also supports pseudo random number
generation (PRNG) to ensure that randomized components of a simulation can be
repeated. The BreakingPoint Storm CTM is also the only product to provide a Resiliency
Score Lab, a repeatable, deterministic and scientific score of a device’s performance,
security and stability over time.
• Prepackaged and Repeatable Simulation Labs – Leverage preconfigured
simulation labs that require minimal modification to streamline setup and
tedious configuration changes
• Pseudo Random Number Generation (PRNG) – Produce random yet repeatable
traffic simulations using a PRNG seed. PRNG ensures that even the randomized
components of a simulation sequence may be repeated identically across
multiple cycles
• BreakingPoint Resiliency Score™ – Use the standardized Resiliency Score Lab
for a deterministic, scientific and easy-to-use evaluation mechanism for the
performance, security and stability of networking devices. With virtually no
configuration effort, users can easily compare the resiliency of numerous
networking devices or highlight scoring trends over time, holding their
equipment vendors accountable for performance and security weaknesses
The BreakingPoint Resiliency Score
Certification for performance and security is nothing new. In fact,
we have come to expect it for everything from our phones to our
automobiles. Yet cyber infrastructure equipment, which supports
our businesses and governments, has no standardized certification
for performance and security. Instead we rely on statements made
in product marketing
literature, which
are based on best-
case scenarios, not
real-world truths.
Organizations want
measurable answers,
not assurances,
when it comes to
cybersecurity.
The BreakingPoint
Resiliency Score
replaces marketing
assurances with the
measurable answers needed to harden cyber infrastructure against
attack and peak application load. Using the BreakingPoint Resiliency
Score, available within the BreakingPoint Storm CTM, enterprises,
service providers and government agencies can evaluate equipment
using an objective, repeatable and scientifically measured certification
of the performance, security and stability of any network or network
device. The BreakingPoint Resiliency Score is a highly automated,
relevant and reproducible scoring mechanism that measures the
resiliency of a network or network device under real-world application
traffic, real-time security attacks, heavy user load and other methods.
The BreakingPoint Resiliency Score lets you:
• Conduct standardized, deterministic and repeatable bake-offs to
evaluate vendor performance and security claims
• Identify deployments that are inherently less resilient and
establish risk models for managed security service engagements
• Institute and consistently analyze accurate liability models
• Create tiered pricing models that take into account liability and
risk models
• Identify and remediate security and performance degradation
over time to ensure ongoing resiliency
• Rightsize your infrastructure by evaluating resiliency based on
deployment scenarios
• Make more informed network device and service purchase
decisions
The BreakingPoint Resiliency ScoreA standardized and highly automated means to measure
and deterministically score the performance, security and stability
of networking devices.
BreakingPoint Storm CTM™
All Inclusive: Stay Current With The Application and
Threat Intelligence (ATI) Program
BreakingPoint products are architected to adapt rapidly to change. That is the only way
to ensure that networks will maintain ongoing resiliency against attack. BreakingPoint
continuously introduces security strikes and applications from BreakingPoint Labs through our
Application and Threat Intelligence (ATI) service and support program.
The only research team of its kind, the BreakingPoint ATI team is a dedicated group of security
researchers and application protocol engineers committed to keeping the BreakingPoint
Storm CTM completely current. The research team provides frequent strike and protocol
updates and is on call to provide users with requested protocols, often in a matter of hours.
The combination of the BreakingPoint Storm CTM and up-to-date security strikes and
protocols enables you to find critical cyber infrastructure vulnerabilities before it is too
late.
Additional Options
• BreakingPoint Custom Application Toolkit: Write and accelerate your own proprietary applications
• BreakingPoint Custom Strike Toolkit: Develop and accelerate custom security attacks
BreakingPoint Storm CTM Technical Specifications
System Configuration
• 3-slot chassis with 1 system controller
• Up to 2 interface cards per chassis; options include:
• 10GigE interface card
• 4 10GigE ports
• XFP interface
• 2 Gigabytes of capture buffer per port
• 1GigE interface card
• 8 1GigE ports
• SFP interface
• 1 Gigabyte of capture buffer per port
Physical Specifications
• Rack Units: 4
• Installed: 17.4 in. W x 7 in. H x 19.5 in. D (44.2 cm W x 17.8 cm H x 49.8 cm D)
• Shipping Weight: 45 lbs. (20.4 kg)
• Operating Environment: 15° C to 40° C
• Nonoperating Environment: -20° C to 70° C
• Power Requirements: 100-240V, 50/60 Hz
• Maximum Power Consumption: 1200W
• Regulatory Approvals: FCC Class A, CE, EN60950
BreakingPoint ATI ProgramKeep your simulations current with the very latest live security attacks,
real-world applications and features automatically updated to your
BreakingPoint Storm CTM.
The BreakingPoint Storm CTM3-slot chassis is available with a 10GigE or 1GigE interface card and can be
seamlessly connected to additional chassis for unlimited performance scalability.
BreakingPoint Storm CTM™
Partial List of More Than 130 Real-World Applications
In addition to more than 4,500 live security attacks, the BreakingPoint Storm CTM supports a growing portfolio of more than 130 applications, with new
applications and security attacks added frequently. Visit www.breakingpoint.com for the most up-to-date list.
AUTHENTICATION
DIAMETER
RADIUS Accounting
RADIUS Access
CHAT
AOL® IM
AIM6 Keyserver
AIM6 Rendezvous
AIM6 Switchboard
IRC
Jabber
MSN® Dispatch
MSN® Nexus
Oscar
QQ IM
Windows Live™ Messenger
Yahoo!® Messenger
DATABASES
IBM DB2®
Informix®
Microsoft SQL®
MySQL
Oracle®
PostgresSQL
Sybase®
TDS
TNS
DATA TRANSFER
FTP
Gopher
HTTP
NNTP
RSync
TFTP
DATA TRANSFER / FILE SHARING
IPP
NetBIOS
NFS
SMB/CIFS
SMB v2
DISTRIBUTED COMPUTING
Citrix
DCE/RPC
VMware® VMotion™
AOL Webmail
Google® Gmail
GMX Webmail & Attachment
Hotmail & Attachment
IMAP
POP3
SMTP
Yahoo! Mail & Attachment
ENTERPRISE APPLICATIONS
Endpoint Mapper
Exchange Directory
MAPI Exchange
SAP®
FINANCIAL
FIX
FIXT
GAMES
World of Warcraft®
PEER-TO-PEER
Applejuice
BitTorrent™ Peer
BitTorrent Tracker
Encrypted BitTorrent
eDonkey™
Gnutella™ Leaf
Gnutella Ultrapeer
PPLive
QQLive
WinNY
REMOTE ACCESS
RDP
REXEC
RFB
RLogin
RSH
Telnet
SECURE DATA TRANSFER
HTTPS
SSH
SOCIAL NETWORKING
Twitter™
SYSTEM/NETWORK
ADMINISTRATOR
DNS
IDENT
Finger
LDAP
NTP
RPC Bind
RPC Mount
SNMP
Sun® RPC
Syslog
Time
TELEPHONY
H.323
MM1
SMPP
TESTING AND MEASUREMENT
Chargen
Daytime
Discard
Echo
OWAMP Control
OWAMP Test
QOTD
TWAMP Control
TWAMP Test
VOICE / VIDEO
H.225.0
H.225 RAS
H.245
MMS MM1
RTP
RTP Unidirectional Stream
RTCP
RTSP
SIP
Skype™
SkypeTM UDP Helper
SMPP
STUN
BreakingPoint Storm CTM™
Notes:
www.breakingpoint.com© 2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.All other trademarks are the property of their respective owners.
BreakingPoint Storm CTM™
About BreakingPointBreakingPoint pioneered the first and only Cyber Tomography Machine (CTM) to
expose previously impossible-to-detect stress fractures within cyber infrastructure
components before they are exploited to compromise customer data, corporate assets,
brand reputation and even national security. BreakingPoint cybersecurity products
are the standard by which the world’s governments, enterprises and service providers
optimize the resiliency of their cyber infrastructures. For more information, visit
www.breakingpoint.com.
BreakingPoint Storm CTM
BreakingPoint has pioneered Cyber Tomography with the introduction of the
BreakingPoint Storm CTM, enabling users to see for the first time the virtual stress
fractures lurking within their cyber infrastructure through the simulation of crippling
attacks, high-stress traffic load and millions of users.
BreakingPoint Storm CTM is a three-slot chassis that provides the equivalent
performance and simulation of racks and racks of servers, including:
• 40 Gigabits per second of blended stateful application traffic
• 30 million concurrent TCP sessions
• 1.5 million TCP sessions per second
• 600,000+ complete TCP sessions per second
• 80,000+ SSL sessions per second
• 130+ stateful applications
• 4,500+ live security strikes
BreakingPoint Resources
Hardening cyber infrastructure is not easy work, but nothing that is this important
has ever been easy. Enterprises, service providers, government agencies and
equipment vendors are under pressure to establish a cyber infrastructure that can
not only repel attack but that is also resilient to application sprawl and maximum
load. BreakingPoint’s CTM provides the technology and solutions that allow these
organizations to create a hardened and resilient cyber infrastructure. BreakingPoint
also provides the very latest industry resources to make this process that much easier,
including resiliency methodologies, how-to guides, white papers, webcasts and a
newsletter. To learn more, visit www.breakingpoint.com/resources.
BreakingPoint Application and Threat Intelligence Community
Join discussions on the latest developments in application and threat intelligence.
BreakingPoint Labs brings together a diverse community of people leveraging the
most current insight to harden cyber infrastructure to withstand crippling attack and
high-stress application load. Visit www.breakingpointlabs.com.
Contact BreakingPoint
Learn more about BreakingPoint products and
services by contacting a representative in your area.
1.866.352.6691 U.S. Toll Free
www.breakingpoint.com
BreakingPoint Global Headquarters
3900 North Capital of Texas Highway
Austin, TX 78746
email: [email protected]
tel: 512.821.6000
toll free: 866.352.6691
BreakingPoint Government Solutions Group
Washington, D.C.
email: [email protected]
tel: 703.443.1501
BreakingPoint EMEA Sales Office
Paris, France
email: [email protected]
tel: + 33 6 08 40 43 93
BreakingPoint APAC Sales Office
Suite 2901, Building #5, Wanda Plaza
No. 93 Jianguo Road
Chaoyang District, Beijing, 100022, China
email: [email protected]
tel: + 86 10 5960 3162