how to test high-performance next-generation firewalls
DESCRIPTION
Testing next-generation firewalls necessitates simulating realistic network conditions to help you validate your enterprise firewall performance, attack detection and blocking while increasing stability and reliability under extended attack.TRANSCRIPT
How To Evaluate High-Performance Firewalls
About Crossbeam
Deployed in 10 out of top 11 Service Providers in the world
Deployed in 1000+ Global Enterprise Companies
Global operations – 11 Years Strong.
• Headquarters: Outside Boston, MA • Support & services in over 50
countries• 60+ Global Integrators• 50+% International Business• 13 out of 14 Quarters positive
EBITDA
• Crossbeam helps the Global 2000, Service Providers and Government agencies consolidate their security infrastructure.
• Crossbeam’s open platform - the X-Series - scales linearly and offers best-of-breed security
The Crossbeam Virtual Infrastructure
Internet
Crossbeam creates a “Network in a Box”• Network Processor Modules• Application Processor Modules• Control Processing Modules
FW
L2
L2
IPS
LB
LB
LB
LB
The X-Series Platform becomes a “Virtual Infrastructure” integrating both Network Processing & Application Processing
The Crossbeam X-Series Portfolio
The Most Scalable Open Secure Platforms
X20
X30
X60
X80-S• 4-Slot Flexible
Chassis
• Pre-Configured for one application
• Expandable to 2 applications
• 5Gbps Backplane Performance
• 4-Slot Flexible Chassis
• Pre-Configured for one application
• Expandable to 2 applications
• 10Gbps Backplane Performance
• 7-Slot Modular Chassis
• Expandable to 5 applications
• 80Gbps Backplane Performance
• Single Box HA
• 14-Slot Modular Chassis
• Expandable to 10 applications
• 150Gbps Backplane Performance
• Single Box HA
IT Firestorm Threatens Business Performance
Does High-Performance = Resilient?
6
4 Keys to Evaluating High-Performance Gear: #1
7
Real-World Blended Application Traffic
4 Keys to Evaluating High-Performance Gear: #2
8
Enable Rules and Commence Attack
4 Keys to Evaluating High-Performance Gear: #3
9
Set-Up, and Tear-Down, Connections
4 Keys to Evaluating High-Performance Gear: #4
10
Sustaining Connections, During Load
How? Attack Thyself!
Real Attacks• 4,500 live security attacks• 100+ evasions• Malware & Spam• DDoS and Botnet simulation• Custom attacks• Research and frequent updates
Real World Applications• 150+ application protocols• Social media, peer-to-peer, voice, video• Web and enterprise applications, gaming• Custom applications• Frequent updates
Unprecedented Performance with McAfee Firewall Enterprise
• 40 Gbps blended application traffic• 10M concurrent TCP sessions• 160,000 connections/second• 38 Gbps SSL bulk encryption
Validating High-Performance Gear
REMEMBER TO EVALUATE:1. Performance with blended applications2. Performance with security rules enabled3. Ability to set-up AND tear-down connections4. Ability to sustain connections, during load
High-Performance Network GearClient
Simulation150+ Blended
Application Traffic (ex: HTTP, MySQL, Oracle)
+ 4500+ Live
Security Strikes+
Millions of Sessions
Questions and Answers
13