Testing Firewalls

The firewall is your company's defence system, protecting vulnerable applications from outsiders. This defence system is clever: it allows in friends and keeps out enemies. Security testing of your firewalls is a vital aspect of your business security.

Our Security Testing services offer the most robust security tests on the firewall market.

Performance is just one aspect of the quality assurance work that must take place on a new or upgraded firewall. It is important that the firewall performs under load and during sustained security attacks. An inefficient or slow firewall can delay friends and hurt your business.

There are a number of considerations when planning a Performance Test and Security Test of your firewall.

Ideally the workload generated in a Performance Test would include a scenario whereby friendly and unfriendly requests are generated. The firewall may exert a lot more effort when it is fending off an attack. A number of scenarios should be undertaken. These include tests that would determine:

- The maximum number of TCP connections created per second

- The maximum number of concurrent users that could be connected

- The maximum HTTP rate (hits per second) that can be achieved

- The maximum bandwidth utilisation that can be serviced

In order to run the above tests a target application will have to be used. Which application is used is not important; it serves as a reflector, receiving requests and responding to them. The security testing of firewalls needs to monitor the reflector application to ensure that it does not become a bottleneck (a so-called artificial bottleneck), which would limit the ability to properly find the limits of the firewall itself.
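The artificial-bottleneck check described above can be automated when analysing a ramp test. The following Python is an added example, not part of the original page or any vendor tool: it takes per-step measurements for the connections-per-second scenario and decides whether the point where throughput flattens is the firewall's limit or the reflector's. The `Step` fields, the thresholds, the bypass baseline run and the sample figures are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Assumed thresholds for this example; tune them to your own test plan.
SATURATED_BELOW = 0.95      # achieved/offered under this ratio marks the knee
REFLECTOR_CPU_MAX = 85.0    # reflector CPU % above which it is suspect
NEAR_BASELINE = 0.90        # fraction of bypass baseline that counts as "at" it


@dataclass
class Step:
    offered_cps: int      # TCP connections/s the load generator attempted
    achieved_cps: int     # connections/s completed through the firewall
    reflector_cpu: float  # CPU % on the reflector host during the step


def classify_ramp(steps, baseline_cps):
    """Return (verdict, max_cps) for one ramp test.

    baseline_cps is the rate the reflector sustained with the firewall
    bypassed (generator wired straight to the reflector).
    """
    steps = sorted(steps, key=lambda s: s.offered_cps)
    max_cps = max(s.achieved_cps for s in steps)
    knee = next((s for s in steps
                 if s.achieved_cps < SATURATED_BELOW * s.offered_cps), None)
    if knee is None:
        return "limit_not_reached", max_cps      # keep ramping the load
    if (knee.reflector_cpu >= REFLECTOR_CPU_MAX
            or max_cps >= NEAR_BASELINE * baseline_cps):
        return "artificial_bottleneck", max_cps  # only a lower bound
    return "firewall_limit", max_cps


# Constructed sample measurements, not real test data.
RUN_A = [Step(10000, 10000, 12), Step(20000, 19950, 22), Step(40000, 39800, 41),
         Step(60000, 48500, 47), Step(80000, 48700, 48)]
RUN_B = [Step(10000, 10000, 25), Step(20000, 19900, 49), Step(40000, 39700, 88),
         Step(60000, 47000, 99)]

if __name__ == "__main__":
    print(classify_ramp(RUN_A, baseline_cps=120000))  # firewall is the limit
    print(classify_ramp(RUN_B, baseline_cps=50000))   # reflector is the limit
```

The same comparison applies to the concurrent-connection, HTTP hit-rate and bandwidth scenarios by substituting the measured quantity.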

A tool will need to be chosen. While tools such as Loadrunner, Silk Performer and QAload are very good at generating large workloads and simulating hundreds or thousands of users, they tend to do this well for HTTP-type message protocols.

Spirent’s Avalanche performance test tool can generate HTTP-type traffic as well as a wide range of other non-HTTP protocols such as:

- 802.1Q and 802.1 Q-in-Q
- FTP (Active/Passive)
- SMTP
- ICMP
- CIFS
- SIP over TCP
- SIP over UDP
- Unicast Streaming Quicktime RTSP/RTP
- Unicast Streaming RealNetwork RTSP/RTP
- Unicast Streaming Microsoft MMS
- Multicast Streaming IGMPv2
- IGMPv3
- RTMP and MLDv2

Rather than record a single user session, Avalanche can be used to generate realistic network traffic consisting of multiple message protocols and types. Avalanche is not a tool that can be installed; it comes on a pre-configured box that can be slotted straight into your data centre, all ready to go. Avalanche can be complemented by Spirent’s Threatex product, which can be used to generate actual attacks against your defences. As few as 5 days are required to execute a Security Test combined with a Performance Test against your firewall.

Spirent’s Avalanche can be used to test the performance of network components other than the firewall, including your load balancers, routers and switches.

Your network implementation can be subjected to performance validation. Quality of Service (QoS) can be tested to ensure that your most important message types are not impacted by users browsing the internet. Fail-over and redundancy can be validated to ensure continuous service under high workloads.

Our Firewall testing service is one of the key offerings of our Security Testing Service.