how to test high-performance next-generation firewalls

How To Evaluate High-Performance Firewalls

About Crossbeam

Deployed in 10 out of top 11 Service Providers in the world

Deployed in 1000+ Global Enterprise Companies

Global operations – 11 Years Strong.

• Headquarters: Outside Boston, MA • Support & services in over 50

countries• 60+ Global Integrators• 50+% International Business• 13 out of 14 Quarters positive

EBITDA

• Crossbeam helps the Global 2000, Service Providers and Government agencies consolidate their security infrastructure.

• Crossbeam’s open platform - the X-Series - scales linearly and offers best-of-breed security

The Crossbeam Virtual Infrastructure

Internet

Crossbeam creates a “Network in a Box”• Network Processor Modules• Application Processor Modules• Control Processing Modules

FW

L2

L2

IPS

LB

LB

LB

LB

The X-Series Platform becomes a “Virtual Infrastructure” integrating both Network Processing & Application Processing

The Crossbeam X-Series Portfolio

The Most Scalable Open Secure Platforms

X20

X30

X60

X80-S• 4-Slot Flexible

Chassis

• Pre-Configured for one application

• Expandable to 2 applications

• 5Gbps Backplane Performance

• 4-Slot Flexible Chassis

• Pre-Configured for one application

• Expandable to 2 applications

• 10Gbps Backplane Performance

• 7-Slot Modular Chassis

• Expandable to 5 applications

• 80Gbps Backplane Performance

• Single Box HA

• 14-Slot Modular Chassis

• Expandable to 10 applications

• 150Gbps Backplane Performance

• Single Box HA

IT Firestorm Threatens Business Performance

Does High-Performance = Resilient?

6

4 Keys to Evaluating High-Performance Gear: #1

7

Real-World Blended Application Traffic

4 Keys to Evaluating High-Performance Gear: #2

8

Enable Rules and Commence Attack

4 Keys to Evaluating High-Performance Gear: #3

9

Set-Up, and Tear-Down, Connections

4 Keys to Evaluating High-Performance Gear: #4

10

Sustaining Connections, During Load

How? Attack Thyself!

Real Attacks• 4,500 live security attacks• 100+ evasions• Malware & Spam• DDoS and Botnet simulation• Custom attacks• Research and frequent updates

Real World Applications• 150+ application protocols• Social media, peer-to-peer, voice, video• Web and enterprise applications, gaming• Custom applications• Frequent updates

Unprecedented Performance with McAfee Firewall Enterprise

• 40 Gbps blended application traffic• 10M concurrent TCP sessions• 160,000 connections/second• 38 Gbps SSL bulk encryption

Validating High-Performance Gear

REMEMBER TO EVALUATE:1. Performance with blended applications2. Performance with security rules enabled3. Ability to set-up AND tear-down connections4. Ability to sustain connections, during load

High-Performance Network GearClient

Simulation150+ Blended

Application Traffic (ex: HTTP, MySQL, Oracle)

+ 4500+ Live

Security Strikes+

Millions of Sessions

Questions and Answers

13