Testing Darwinsim: The History and Evolution of Network Resiliency

Transcription

1 Testing Darwinsim: The History and Evolution of Network Resiliency Mike Hamilton Ixia Communications Session ID: SPO-210 Session Classification: General Interest

2 Why Should I Care? 2

3 RESILIENCY Defining Resiliency Performance How Application load, attacks, and impairments. Why Measure and improve performance under high-stress conditions. Security Latest attacks, evasions, malware, and spam. Identify and remediate vulnerabilities. Perform under DoS attack. Stability Impairments combined with application load. Ensure reliable performance and availability. 3

4 Performance Performance How Application load, attacks, and impairments. Why Measure and improve performance under high-stress conditions. 4

5 The Datasheet Game Carrier Class Firewall Metric Firewall A Firewall B Firewall C *3WHS+D+3WC **Derived from PPS Connectivity Stated as Application 5

6 The Datasheet Game Carrier Class Firewall Metric Firewall A Firewall B Firewall C Throughput (Max) 150 Gbps 560 Gbps 640 Gbps *3WHS+D+3WC **Derived from PPS Connectivity Stated as Application 6

7 The Datasheet Game Carrier Class Firewall Metric Firewall A Firewall B Firewall C Throughput (Max) Throughput (IMIX) 150 Gbps 560 Gbps 640 Gbps 37.8 Gbps 560 Gbps 135 Gbps *3WHS+D+3WC **Derived from PPS Connectivity Stated as Application 7

8 The Datasheet Game Carrier Class Firewall Metric Firewall A Firewall B Firewall C Throughput (Max) Throughput (IMIX) Throughput (64B) 150 Gbps 560 Gbps 640 Gbps 37.8 Gbps 560 Gbps 135 Gbps 7.7 Gbps** 560 Gbps 31 Gbps** *3WHS+D+3WC **Derived from PPS Connectivity Stated as Application 8

9 The Datasheet Game Carrier Class Firewall Metric Firewall A Firewall B Firewall C Throughput (Max) Throughput (IMIX) Throughput (64B) Connections per Second* 150 Gbps 560 Gbps 640 Gbps 37.8 Gbps 560 Gbps 135 Gbps 7.7 Gbps** 560 Gbps 31 Gbps** 380, M 320,000 *3WHS+D+3WC **Derived from PPS Connectivity Stated as Application 9

10 The Datasheet Game Carrier Class Firewall Metric Firewall A Firewall B Firewall C Throughput (Max) Throughput (IMIX) Throughput (64B) Connections per Second* Concurrent Connections 150 Gbps 560 Gbps 640 Gbps 37.8 Gbps 560 Gbps 135 Gbps 7.7 Gbps** 560 Gbps 31 Gbps** 380, M 320,000 20M 280M 100M *3WHS+D+3WC **Derived from PPS Connectivity Stated as Application 10

11 The Datasheet Game Carrier Class Firewall 11

12 The Datasheet Game Carrier Class Firewall Metric Firewall A Firewall B Firewall C 12

13 The Datasheet Game Carrier Class Firewall Metric Firewall A Firewall B Firewall C Throughput (64B) 7.7 Gbps 560 Gbps 31 Gbps 13

14 The Datasheet Game Carrier Class Firewall Metric Firewall A Firewall B Firewall C Throughput (64B) 7.7 Gbps 560 Gbps 31 Gbps CPS 380, M 320,000 14

15 The Datasheet Game Carrier Class Firewall Metric Firewall A Firewall B Firewall C Throughput (64B) 7.7 Gbps 560 Gbps 31 Gbps CPS 380, M 320,000 Worst-case Throughput 1.8 Gbps 15.8 Gbps 1.5 Gbps 15

16 The Datasheet Game Carrier Class Firewall Metric Firewall A Firewall B Firewall C Throughput (64B) 7.7 Gbps 560 Gbps 31 Gbps CPS 380, M 320,000 Worst-case Throughput Worst-case Goodput 1.8 Gbps 15.8 Gbps 1.5 Gbps 6 Mbps 52 Mbps 5.1 Mbps 16

17 Performance Performance How Application load, attacks, and impairments. Why Measure and improve performance under high-stress conditions. 17

18 Security Performance How Application load, attacks, and impairments. Why Measure and improve performance under high-stress conditions. Security Latest attacks, evasions, malware, and spam. Identify and remediate vulnerabilities. Perform under DoS attack. 18

19 Does Mark the Spot? 19

20 IPS Imprecise Performance Systems Firewall A Firewall B Firewall C Throughput (64B) 7.7 Gbps 560 Gbps 31 Gbps CPS 380, M 320,000 Worst-case Throughput Worst-case Goodput IPS Throughput 1.8 Gbps 15.8 Gbps 1.5 Gbps 6 Mbps 52 Mbps 5.1 Mbps 26 Gbps Gbps 40 Gbps 20

21 DDoS Are You Ready? 21

22 Why Should I Care? 22

23 $,,, 23

24 DLP Dollar Loss Prevention 24

25 RESILIENCY Stability Performance How Application load, attacks, and impairments. Why Measure and improve performance under high-stress conditions. Security Latest attacks, evasions, malware, and spam. Identify and remediate vulnerabilities. Perform under DoS attack. Stability Impairments combined with application load. Ensure reliable performance and availability. 25

26 Stability 26

27 How to Measure? 27

28 Why Should I Care? 28

29 Combinations and Permutations = = = 64 OR =

30 Combinations = = x packets On a 10 Gbps link at 15mm PPS = 2.08x seconds = 3.46x minutes = 5.78x hours = 2.41x days = 6.59x years = 4.7x lifetimes of the Universe 30

31 Why Should I Care? 31

32 Combinations and Permutations = = 160 = = 64 OR = 160 =

33 Combinations = = 1.77 x packets On a 10 Gbps link at 15mm PPS = 1.18x10 65 seconds = 1.96x10 63 minutes = 3.27x10 61 hours = 1.36x10 60 days = 3.73x10 57 years = 2.66x10 47 lifetimes of the Universe 33

34 Resiliency 34

35 Resiliency Testing: A History Lesson Internet Growth Leads to Technology Standards IETF Testing Standards RFC 1944 RFC 2544 RFC

36 RFC 2544: Right Standard, Wrong Time Original Goal Create Vendor-Agnostic Comparisons 18 years later (Today) Industry continues to apply RFC 2544 to nextgeneration and content aware devices 36

37 RFC 3511: False Sense of Security? HTTP is NOT an Application 37

38 Mobility in Action 38

39 Moving Ahead: Evolving Testing Standards IETF Benchmarking Working Group Content-aware device methodology Industry consortiums DPIbench 39

40 Resiliency = Battle-Tested Apply emerging standards today Download the most recent work Understand your network traffic Enterprise, service provider, government, etc. 40

41 Apply: Takeaways Ask your vendor*: 1. Are you keeping up with emerging testing standards? 2. What application mixes and weights do you use during testing? 3. Do you combine applications and high-stress user load during testing? 4. What have the results been when you have tested using malformed traffic? 5. How does the device perform against application-layer attacks? 6. Can I test your product with my unique network, application, and user conditions? *Vendors, ask yourself the same questions. 41

42 Apply: Final Thoughts Read between the lines Money matters Just because code hasn t been touched doesn t mean it is not the problem Never leave a test port idle Utilize industry resources 42

43 Questions? $,,, Contact information: Mike Hamilton Director of Global Systems Engineering BreakingPoint Systems 43