Managing the Transition of Your Applications to IPv6



Similar documents
Firewall Testing Methodology W H I T E P A P E R

Network Configuration Settings

How to connect? I can't connect to the Internet? Why are certain web pages blocked?

How to connect? I can't connect to the Internet? I can't send s from the train? Why are certain web pages blocked?

BLOOMBERG ANYWHERE FOR MOBILE CUSTOMERS

USER CONFERENCE 2011 SAN FRANCISCO APRIL Running MarkLogic in the Cloud DEVELOPER LOUNGE LAB

ICSA Labs Network Protection Devices Test Specification Version 1.3

OpenFlow Conformance Test Program

Troubleshooting BlackBerry Enterprise Service 10 version Instructor Manual

CSC E Mail. Mobile Device Configuration Settings and Setup Instructions

QRadar SIEM 6.3 Datasheet

CRESTRON-APP/CRESTRON-APP-PAD

SECURITY ADVISORY FROM PATTON ELECTRONICS

CA Service Desk Manager - Mobile Enabler 2.0

CRESTRON-APP/CRESTRON-APP-PAD Control App for Apple ios

McAfee Next Generation Firewall Optimize your defense, resilience, and efficiency.

Configuration Guide BES12. Version 12.2

Achilles Assurance Platform. Dr. Nate Kube Founder / CTO Wurldtech

Configuration Guide BES12. Version 12.3

IPv6 Tunneling Over IPV4

ISA Security Compliance Institute. ISASecure Embedded Device Security Assurance Certification

What is new for HP LoadRunner and Performance Center 11.52

CRESTRON-APP-ANDROID Control App for Android

Configuration Guide BES12. Version 12.1

ISA Security. Compliance Institute. Role of Product Certification in an Overall Cyber Security Strategy

Cisco Advanced Services for Network Security

Web Security Firewall Setup. Administrator Guide

Sophos Mobile Control Installation prerequisites form

2X SecureRemoteDesktop. Version 1.1

464XLAT: Breaking Free of IPv4. T-Mobile.com NANOG 61 June 2014

SSL-TLS VPN 3.0 Certification Report. For: Array Networks, Inc.

IPv6 Transport Support and Market Segmentations

Configuration Guide. BlackBerry Enterprise Service 12. Version 12.0

Improving Web Application Firewall Testing (WAF) for better Deployment in Production Networks January 2009 OWASP Israel

Lab Testing Summary Report

Next Generation IPv6 Network Security a Practical Approach Is Your Firewall Ready for Voice over IPv6?

Integrating Web Application Security into the IT Curriculum

Cisco Application Networking for IBM WebSphere

FISMA / NIST REVISION 3 COMPLIANCE

Telepresence in an IPv6 World. Simplify the Transition

Evaluating IPv6 Firewalls & Verifying Firewall Security Performance

Security Policy JUNE 1, SalesNOW. Security Policy v v

Concierge SIEM Reporting Overview

Fundamentals of Windows Server 2008 Network and Applications Infrastructure

Six Days in the Network Security Trenches at SC14. A Cray Graph Analytics Case Study

Splunk Enterprise Log Management Role Supporting the ISO Framework EXECUTIVE BRIEF

Intro to Firewalls. Summary

HP Performance Center 11.5: What s New? Gurmeen Aneja

Security F5 SECURITY SOLUTION GUIDE

Product Overview. DSL Xpert Advantages. Flexible Configuration Options. User-Friendly PC-Controlled GUI. Testing of ADSL, ADSL2 and ADSL2+

HYPERLINK Internet PC setup guide. HYPERLINK Internet support helpdesk at

Check Point submitted the SWG Secure Web Gateway for

Today s Topics. Protect - Detect - Respond A Security-First Strategy. HCCA Compliance Institute April 27, Concepts.

The Webcast will begin at 1:00pm EST.

White Paper. Securing and Integrating File Transfers Over the Internet

How To Synchronize With A Cwr Mobile Crm 2011 Data Management System

Designing a Windows Server 2008 Network Infrastructure

Module 1: Overview of Network Infrastructure Design This module describes the key components of network infrastructure design.

LESSON Networking Fundamentals. Understand TCP/IP

Technical Note. ForeScout CounterACT: Virtual Firewall

BlueCat Networks Adonis and Proteus on Citrix NetScaler SDX Platform Overview

Edgewater Routers User Guide

1 Data information is sent onto the network cable using which of the following? A Communication protocol B Data packet

Cconducted at the Cisco facility and Miercom lab. Specific areas examined

Securing and Monitoring BYOD Networks using NetFlow

AVI NETWORKS CLOUD APPLICATION DELIVERY PLATFORM FOR VMWARE VCLOUD AIR

Configuring Avaya 1120E, 1140E, 1220 and 1230 IP Deskphones with Avaya IP Office Release 6.1 Issue 1.0

Business Case for a DDoS Consolidated Solution

OpenFlow Conformance Test Program

Importance of Web Application Firewall Technology for Protecting Web-based Resources

KonyOne Server Prerequisites _ MS SQL Server

Table of Contents. Cisco Blocking Peer to Peer File Sharing Programs with the PIX Firewall

Router Throughput Tests

Reverse Shells Enable Attackers To Operate From Your Network. Richard Hammer August 2006

HRG Performance Series DVR DDNS Support Application Note (DynDNS)

Horizontal Integration - Unlocking the Cloud Stack. A Technical White Paper by FusionLayer, Inc.

OPC UA vs OPC Classic

LogMeIn Backup. Getting Started Guide

Microsoft Windows Server 2008: MS-6435 Designing Network and Applications Infrastructure MCITP 6435

Cisco Disaster Recovery: Best Practices White Paper

The Network Application Security Architecture Requirement

CA Mobile Device Management 2014 Q1 Getting Started

BlackBerry Universal Device Service. Demo Access. AUTHOR: System4u

Using Cisco UC320W with Windows Small Business Server

Transcription:

Managing the Transition of Your Applications to IPv6 Using Testing as a Strategic Advantage Thomas Maufer tmaufer@mudynamics.com MU DYNAMICS, INC. ALL RIGHTS RESERVED COPYRIGHT 2011

Thankfully We re Past This Not that there aren t a lot of challenges left to conquer 2

Deployment of IPv6 According to a 2007 IPv6 Forum Ready Logo white paper Effective testing of IPv6 products is of critical importance If that was true in 2007, what concerns people in 2011? Testing networks and applications Products are still the foundation But successful rollouts need to test a lot more than layer 3! 3

The First Step for Recovering IPv4 Addicts Admitting you have a problem Just kidding: IPv6 is not a 12-step program! Check out these tweets from last Friday: We are the FIRST test equipment vendor listed as an IPv6 Ready WWW site: http://www.ipv6forum.com/ipv6_enabled/approval_list.php?&start=810 Short URL:http://bit.ly/eKeZNW If you want to access our website from an IPv6-enabled browser, you can use this http://www.mudynamics.com/ or this http://[2607:fe70:11::1:3240]/ Short URL:http://bit.ly/gaz6o1 4

What Do Customers Want? Certification Verification Life cycle management Controlling costs 5

Certification Historically: Two main thrusts IPv6 Ready Multiple phases, many protocols Conformance, interoperability NIST USGv6 NPD Firewalls, IDS/IPS, etc. Looking forward: What does it mean to certify apps? High in the stack, standards wane in significance Each app has custom interactions 6

Partnership with UNH-IOL and ICSA Only 2 labs currently NIST-certified for USGv6 testing Both are Mu partners UNH-IOL ICSA Labs Both are using Mu Test Suite as part of their NPD testing Network Protection Devices

Applicability of Certification Testing Validation/spot-checks during purchasing process Sanity-checking old gear (that may never get a logo) It may have new code that claims to support IPv6, though Running conformance or interoperability tests in your production network configuration Many others 8

Verification Expanded scope of certification From: Does my device work? To: Does my network work? Does my defense-in-depth work? Do my servers work? Load balancers? Apps? Once people prove that something works They probably want to verify periodically Is it still working? They would probably prefer to leverage similar or identical test assets to evaluate IPv6 as well as IPv4 Some folks may need to prove that they are IPv6 Ready Federal/OMB mandate 9

Number of Apps is Exploding 600,000 apps now on Facebook 250,000 apps now on Apple App Store 150,000 apps on Android Number of Apps 10

Mu TestCloud Collaborative Testing IPv6 Ready and NIST USGv6 NPD test assets available for download No cost! 11

Mu Workflow It is as simple as... Recreate real apps by downloading 100 s of ready-torun tests from Mu TestCloud or automatically generate tests from traffic captures One test for Scale, Security and Functional testing Security (Fuzz) Run Scale Functional (Verify) Mu TestCloud Recreate µ Your Network Share test cases with others, inside and outside your org Internal Teams Share Vendors Mu TestCloud

Life Cycle Management Testing classification don t over-complicate things Functional: Does it work? Over IPv4? Stress: Over IPv6? Does it compile? Does it run overnight? Does it run under load? Security: Does it survive invalid or unexpected inputs? Does it survive denial-of-service attacks? Does it deflect known attacks? 13

Controlling Costs Everyone is challenged by IPv6 Testing budgets are chronically constrained Staff levels in IT and QA rarely increase People are demanding automation Due to the crushing workload Trade off capital vs. operational expenses What kind of customers are these? Federal & Enterprise Operators Primarily ISPs NEMs Routers/switches Infrastructure IP address management» DHCP» DNS 14

What s Different Now? Vendors and Operators don t control the apps Apps first appear on the network after release HTTP is the new TCP Apps may look the same, but they re all different Unpredictable demand Ramp up to millions of users in hours/days Mobile devices connect differently to the network iphone, BlackBerry, Droid Existing test vendors can t keep up Too many apps even for the largest test vendors 15

Mu Test Suite - Immediate Testing of Any App Mu Studio Scale Ready-to-run Tests on Mu TestCloud 30% 20% 50% App-Aware Service Pcaps on pcapr.net 16

Testing to the Rescue IPv6 is here IPv6 mostly works Making it work for you -- that s the challenge! Applications are also a big challenge As if a million apps weren t a big enough challenge on their own Now you have to test them over IPv4 and IPv6 Our customers are winning the battle 17

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information