Professional Documents
Culture Documents
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
Table of Contents
Introduction..................................................................................................................................................................................................................... 3
IPv6: Generic Traffic....................................................................................................................................................................................................... 5
IPv6: Dual Stack.............................................................................................................................................................................................................. 21
IPv6: Security................................................................................................................................................................................................................... 36
IPv6: Fuzzing.................................................................................................................................................................................................................... 46
IPv6: Security Fuzzing................................................................................................................................................................................................... 55
About BreakingPoint.................................................................................................................................................................................................... 65
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
Introduction
Internet Protocol version 6 (IPv6) is the next-generation Internet Layer protocol for packet-switched internetworks. IPv6 is the designated
successor to IPv4, which is the first implementation used on the Internet. While IPv6 is the successor to IPv4, both protocols are currently
being used on the Internet. This arrangement will likely remain in place for years to come, as a wholesale conversion to IPv6 is simply not
feasible.
Although IPv6 has been a standard for more than a decade, it has not yet gained broad acceptance. With the rapid exhaustion of IPv4
addresses, however, it is generally accepted that IPv6 will eventually become the de facto IP standard. Already, most organizations have
hidden IPv6 traffic running across their networks that few are equipped to detect or manage.
For those reasons it is becoming more urgent to that ensure IPv6 equipment is properly configured and evaluated for its ability to
successfully transmit data. This requires thorough validation of the capabilities of IPv6 alone and as a dual stack, running both IPv4 and IPv6,
or any other configuration that could be used.
To ensure that IPv6 equipment and todays network infrastructures are resilient in the face of increasing application traffic or attack, it is
important to rethink traditional IPv6 testing. Legacy bit blasting tools, artificial traffic, and an outdated IPv6 stack will inevitably lead to
production network problems and missed vulnerabilities. To capture precise, standardized and repeatable measurements of performance,
security and stability, your evaluation should emulate the actual deployment environment as closely as possible. And that requires
emulating a real mix of application traffic at line rate speeds, peak user load, and current attack traffic.
Directly connected devices such as routers, switches and firewalls will also have an effect on packet loss, latency and data integrity. And the
number of advertised host IP and MAC addresses, VLAN Tagging, and NAT will affect the performance of IPv6 equipment. If it is not feasible
to fully recreate the deployment environment, the BreakingPoint Storm CTM should be connected directly to the device. All devices and
builds must be evaluated in a standardized and repeatable manner using the same network conditions to ensure consistent results.
IPv6 Network Device Evaluation Methodology Elements
The following methodology was designed to enable you to thoroughly validate IPv6 capabilities using the most current and realistic
network conditions possible. It is a standardized methodology designed for repeatable evaluations of IPv6 devices and covers the following
critical components:
IPv6: Generic Traffic
Measures the ability of the device to transmit IPv6 traffic. Several metrics are produced, measuring device capabilities, latency, packet
loss and throughput.
IPv6: Dual Stack
Measures the ability of the device to transmit both IPv4 and IPv6 traffic. Dual stack configurations will be common for many years, so it
is vital to verify correct configuration. Several metrics are produced to measure device capabilities, latency, packet loss and throughput.
IPv6: Security
Determine how escalating security threats will affect overall performance. Different attacks are generated, and the latency, packet loss
and throughput of the device are measured.
IPv6: Fuzzing
Measures the impact of malformed packets that are present on todays networks. Metrics are produced, measuring the impact of
malformed packets and legitimate traffic on latency, packet loss and throughput of the device.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
Overview:
This test is performed to verify that IPv6 has been correctly configured and data is able to transmit through the device. The device will be
configured to use IPv6. The BreakingPoint Storm CTM will be configured to transmit data through the device using IPv6.
Objective:
Determine the latency, packet loss and throughput of the device while using IPv6 traffic.
Setup:
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
1.
Launch your favorite Web browser and connect to the BreakingPoint Storm CTM. Click Start BreakingPoint Systems
Control Center once the page loads.
2.
In the new window that is displayed, type your Login ID and Password. Click Login.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
3.
4.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
5.
Under the Network Neighborhoods heading, click the plus symbol located at the bottom right to create a new network
neighborhood.
6.
In the Give the new network neighborhood a name box enter IPv6 Test as the name and click OK.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
7.
Notice that multiple Interface tabs are available for configuration, but only two are required for the evaluation. The extra
interfaces can be removed if desired by clicking the X to delete this interface. When prompted about removing the
interface, click Yes. The remaining interfaces will be renamed. Repeat this process until only two interfaces remain.
8.
With Interface tab 1 selected, click the Plus (+) in the Domains section located just below interface tabs.
9.
When prompted to enter a new domain name enter IPv6 and click OK button to create the new domain.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
10. With Interface tab 1 selected and IPv6 domain selected, click the ellipsis icon {} located at the bottom of the window
to open and display subnet details.
11. Select the IPv6 radio button. A new window will be displayed stating that changing to IPv6 will clear all of your address
fields. Click Yes.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
10
12. Configure the selected interface subnet IP information with the following: Network IP Address: fd00:6477:aaaa:0000::
and Prefix of 64. Use the Type drop-down menu to select Virtual Router. Configure the Virtual Router IP Address as
fd00:6477:aaaa:0000::1. Next, configure the Minimum IP Address with fd00:6477:aaaa:0000::2 and the Maximum IP
Address as fd00:6477:aaaa:0000::ff and click Accept.
13. Select the Interface 2 tab and repeat step 8 creating a new domain named IPv6. Repeat steps 9 and 10 opening the
Network Neighborhood and selecting IPv6 radio button and accept the change for interface 2. Enter the following IP
information: Network IP Address: fd00:6477:cccc:0000:: and Prefix of 64. Use the Type drop-down menu to select Virtual
Router. Configure the Virtual Router IP Address as fd00:6477:cccc:0000::2. Next, configure the Minimum IP Address with
fd00:6477:cccc:0000::1 and the Maximum IP Address as fd00:6477:cccc:0000::ff and click Accept.
Notes:
Any valid IPv6 Network addressing can be used when configuring your Network Neighborhood. The above IPv6 address
space is just one example.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
11
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
12
17. In the Choose a device under test and network neighborhood window the Device Under Test section, verify
BreakingPoint Default is selected. Under Network Neighborhood(s), right half of window, verify that the newly created
IPv6 Test is selected. Click Accept.
18. Under the Test Quick Steps, select Add a Test Component.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
13
19. In the Select a component type window, click Application Simulator (L7).
20. Under the Information tab, enter IPv6 Traffic as the name and click Apply Changes.
21. Select the Interfaces tab. Verify that Interface 1 Client is enabled and select IPv6 from drop down menu to ensure this
domain will be used. Verify Interface 2 Server is enabled and select IPv6 domain from drop down menus, click Apply
Changes.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
14
22. Select the Presets tab and select, Service Providers Apps. Click Apply Changes once completed.
23. Select the Parameters tab. Several changes will need to be made in this section. The first is located in the Data Rate
section. Change the Minimum data rate to 1000 (1Gig). Click Apply Changes once complete.
24. Next, locate the Session Ramp Distribution section. Several changes will be made in this section to the run time of
the test. Change the Ramp Up Time Interval to 10 seconds, the Steady-State Time Interval to 5 Minutes and the
Ramp Down Time Interval to 10 seconds. Scrolling will be required to change some of those parameters. Click Apply
Changes once complete.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
15
25. Next, under the Parameters tab locate the Session Configuration section. Change the Maximum Simultaneous
Session to a value of 100000 and Maximum Sessions per Second to 50000. Locate the TCP Configuration section
and change the Maximum Segment Size value to 1440. Click Apply Changes once complete.
26. To edit the test description, select Edit Description under the Test Information section.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
16
27. Finally, select Save and Run under the Test Quick Steps.
28. When prompted for a name, enter IPv6 Traffic and click Save.
The Summary tab will initially be displayed. This tab shows information such as TCP Connection Rate, Bandwidth and
Application Transaction Rate.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
17
29. Select the Application tab. Verify that traffic is being transmitted for each protocol. Use the drop-down menu to select a
new protocol to view.
30. When the test is completed, a new window will be displayed. Click the Close button to close the window.
31. When the test is completed, click the View the report button.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
18
32. Expand Test Results for IPv6 Traffic and select IP Summary. Determine if a significant number of frames were dropped
during the test.
33. Next, select Frame Latency Summary. Using the table, determine the average, minimum and maximum frame latency.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
19
34. Next, expand the Detail folder and select Frame Data Rate. Determine the rate at which traffic was able to transmit at a
steady rate.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
20
Overview:
This evaluation is being performed to verify that the device is able to process both IPv4 and IPv6 data traffic at the same time in an efficient
manner. The device will be configured to use both IPv4 and IPv6. The BreakingPoint Storm CTM will be configured to transmit data through
the device using IPv4 and IPv6.
Objective:
Determine the latency, packet loss and throughput of the device while using IPv6 traffic.
Setup:
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
21
1.
Launch your favorite Web browser and connect to the BreakingPoint Storm CTM. Click Start BreakingPoint Systems
Control Center once the page loads.
2.
In the new window that is displayed, type your Login ID and Password. Click Login.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
22
3.
4.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
23
5.
Select the Network Neighborhood created in the previous test and click Save As.
6.
When prompted, enter Dual Stack as the name and click OK.
7.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
24
8.
As the default domain is IPv6, enter IPv4 as the name and click OK.
9.
With the IPv4 domain selected, click the Show subnet details {} button located at the bottom of windw..
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
25
10. Make sure that IPv4 is selected. Configure the Network IP Address with 10.1.2.0, Netmask with 24 and the Gateway
IP Address with 10.1.2.1. Use the Type drop-down menu to select Virtual Router and configure the IP address with
10.1.2.2. Then configure the Minimum IP Address with 10.1.2.3 and the Maximum IP Address with 10.1.2.254.. Click
Accept.
11. Select the tab for Interface 2 and repeat steps 7 & 8 creating a new domain and name it IPv4. Repeat step 9 opening
the subnet details using {} icon at the bottom. Make sure that IPv4 is selected. Configure the Network IP Address
with 10.1.3.0, Netmask with 24 and the Gateway IP Address with 10.1.3.1. Use the Type drop-down menu to select
Virtual Router and configure the IP address with 10.1.3.2. Then configure the Minimum IP Address with 10.1.3.3 and the
Maximum IP Address with 10.1.3.254. Click Accept..
Important Note: The device under test (DUT) must have its Storm connected interfaces configured properly with IPv4
and IPv6 addressing along with static routes for IP networks the Storm generates that are not directly connected to
those interfaces.
12. When done, click the Save Network button.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
26
15. When prompted, enter Dual Stack as the name and click Save.
16. Under Test Quick Steps click the first option Select the DUT/Network.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
27
17. In the Choose a device under test and network neighborhood window in the Device Under Test section (left side), verify
that BreakingPoint Default is selected. Under Network Neighborhos) (right side), verify that the newly created Dual
Stack is selected. Click Accept.
18. Select the Parameters tab for the IPv6 Traffic test component. Change the Minimum data rate to 500 and click Apply
Changes.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
28
19. Right-click on the IPv6 Traffic test component and select Clone Component.
20. Select the newly cloned component. Under the Information tab, change the name to IPv4 Traffic and click Apply
Changes.
21. Select the Interfaces tab. Use the drop-down menus and change Interface 1 Client to IPv4 and Interface 2 Server to
IPv4. Click Apply Changes once completed.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
29
22. Select the Parameters tab. Change the TCP Configuration Maximum Segment Size to 1460 for IPv4. Click Apply Changes
once completed.
23. To edit the test description, select Edit Description under the Test Information section.
24. Select Save and Run under the Test Quick Steps.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
30
The Summary tab will initially be displayed. This tab shows information such as TCP Connection Rate, Bandwidth and
Application Transaction Rate.
25. Select the Application tab. Verify that traffic is being transmitted for each protocol. Use the drop-down menu to select a
new protocol to view.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
31
26. When the test is completed, a new window will be displayed. Click the Close button to close the window.
27. When the test is completed, click the View the report button.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
32
28. Expand Test Results for IPv6 Traffic and select IP Summary. Determine if a significant number of frames were dropped
during the test.
29. Next, select Frame Latency Summary. Using the table, determine the average, minimum and maximum frame latency.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
33
30. Next, expand the Detail folder and select Frame Data Rate. Determine the rate at which traffic was able to transmit at a
steady rate.
31. Expand Test Results for IPv4 Traffic and select IP Summary. Determine if a significant number of frames were dropped
during the test.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
34
32. Next, select Frame Latency Summary. Using the table, determine the average, minimum and maximum frame latency.
33. Next, expand the Detail folder and select Frame Data Rate. Determine the rate at which traffic was able to transmit at a
steady rate.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
35
IPv6: Security
RFC:
Overview:
This evaluation determines how malicious traffic affects legitimate traffic. The device will be configured to use IPv6. The BreakingPoint
Storm CTM will be configured to transmit data through the device using IPv6.
Objective:
Determine the latency, packet loss and throughput of the device when having to deal with malicious traffic and legitimate traffic.
Setup:
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
36
1.
Launch your favorite Web browser and connect to the BreakingPoint Storm CTM. Click Start BreakingPoint Systems
Control Center once the page loads.
2.
In the new window that is displayed, type your Login ID and Password. Click Login.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
37
3.
4.
5.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
38
6.
When prompted, enter IPv6 Security as the name and click Save.
7.
Select the Parameters tab. Change the Minimum data rate to 995. Once completed, click the Apply Changes button.
8.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
39
9.
In the Select a component type window, select the Security test component.
10. With the Security Component selected open the Interfaces tab. Verify that Interface 1 Client is enabled and select IPv6
from drop down menu to ensure this domain will be used. Verify Interface 2 Server is enabled and select IPv6 domain
from drop down menu. Click Apply Changes.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
40
11. With the Security test component selected, select the Presets tab. Choose the Security Level34 presets and click
Apply Changes.
12. No other changes are required. Select Save and Run under the Test Quick Steps.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
41
The Summary tab will initially be displayed. This tab shows information such as TCP Connection Rate, Bandwidth and
Application Transaction Rate.
Select the Application tab. Verify that traffic is being transmitted for each protocol. Use the drop-down menu to select a
new protocol to view.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
42
13. When the test is completed, a new window will be displayed. As the security threats are not being run through a firewall,
it is not expected that they will be blocked. Click the Close button to close the window.
14. When the test is completed, click the View the report button.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
43
15. Expand Test Results for IPv6 Traffic and select IP Summary. Determine if a significant number of frames were dropped
during the test.
16. Next, select Frame Latency Summary. Using the table, determine the average, minimum and maximum frame latency.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
44
17. Next, expand the Detail folder and select Frame Data Rate. Determine the rate at which traffic was able to transmit at a
steady rate.
18. Compare the results from this test with the initial IPv6 Traffic test. Determine if having malicious traffic also being sent
with IPv6 traffic has any effect on the IPv6 traffic.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
45
IPv6: Fuzzing
RFC:
Overview:
This evaluation determines how malformed packets affect legitimate traffic. The device will be configured to use IPv6. The BreakingPoint
Storm CTM will be configured to transmit data through the device using IPv6. The BreakingPoint Storm CTM will also be configured to
transmit malformed packets.
Objective:
Determine the latency, packet loss and throughput of the device when having to deal with malicious traffic and legitimate traffic.
Setup:
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
46
1.
Launch your favorite Web browser and connect to the BreakingPoint Storm CTM. Click Start BreakingPoint Systems
Control Center once the page loads.
2.
In the new window that is displayed, type your Login ID and Password. Click Login.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
47
3.
4.
5.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
48
6.
When prompted, enter IPv6 Fuzzing as the name and click Save.
7.
Select the Parameters tab. Change the Minimum data rate to 985. Once completed click the Apply Changes button.
8.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
49
9.
In the Select a component type window, select the Stack Scrambler test component.
10. With the Stack Scrambler test component selected, select the Presets tab. Make sure All Protocol Stacks is selected
and click Apply Changes.
With the Stack Scrambler test component selected, selected the Interfaces tab. Verify that Interface 1 Client is enabled
and select IPv6 from drop down menu to ensure this domain will be used. Verify Interface 2 Server is enabled and
select IPv6 domain from drop down menu. Click Apply Changes.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
50
11. Select the Parameters tab. Change the Test duration measured by a time interval to 5 Minutes and click Apply
Changes.
12. No other changes are required. Select Save and Run under the Test Quick Steps.
The Summary tab will initially be displayed. This tab shows information such as TCP Connection Rate, Bandwidth and
Application Transaction Rate.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
51
13. Select the Application tab. Verify that traffic is being transmitted for each protocol. Use the drop-down menu to select a
new protocol to view.
14. When the test is compleed, a new window will be displayed. Similar to the security testing these threats are not being
run through a firewall an , it is not expected that they will be blocked. Click the Close button to close the window.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
52
15. When the test is completed, click the View the report button.
16. Expand Test Results for IPv6 Traffic and select IP Summary. Determine if a significant number of frames were dropped
during the evaluation.
17. Next, select Frame Latency Summary. Using the table, determine the average, minimum and maximum frame latency.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
53
18. Next, expand the Detail folder and select Frame Data Rate. Determine the rate at which traffic was able to transmit at a
steady rate.
19. Compare the results from this evaluation with the initial IPv6 Traffic evaluation. Determine if having flawed traffic also
being sent with IPv6 traffic has any effect on the IPv6 traffic.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
54
Overview:
This evaluation determines how malformed packets and security threats affect legitimate traffic. The device will be configured to use IPv6.
The BreakingPoint Storm CTM will be configured to transmit data through the device using IPv6. The BreakingPoint Storm CTM will also be
configured to transmit malformed packets and send security threats.
Objective:
Determine the latency, packet loss and throughput of the device when having to deal with malicious traffic, security threats, and legitimate
traffic.
Setup:
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
55
1.
Launch your favorite Web browser and connect to the BreakingPoint Storm CTM. Click Start BreakingPoint Systems
Control Center once the page loads.
2.
In the new window that is displayed, type your Login ID and Password. Click Login.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
56
3.
4.
5.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
57
6.
When prompted, enter IPv6 Security Fuzzing as the name and click Save.
7.
With the IPv6 Traffic test commenent selected, select the Parameters tab. Change the Minimum data rate to 980.
Once completed, click the Apply Changes button.
8.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
58
9.
In the Select a component type window, select the Security test component.
10. With the Security test component selected, select the Presets tab. Select the Security Level34 presets and click Apply
Changes.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
59
11. With the Security test component selected, selected the Interfaces tab. Verify that Interface 1 Client is enabled and
select IPv6 from drop down menu to ensure this domain will be used. Verify Interface 2 Server is enabled and select
IPv6 domain from drop down menu. Click Apply Changes.
No other changes are required. Select Save and Run under the Test Quick Steps.
The Summary tab will initially be displayed. This tab shows information such as TCP Connection Rate, Bandwidth and
Application Transaction Rate.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
60
12. Select the Application tab. Verify that traffic is being transmitted for each protocol. Use the drop-down menu to select a
new protocol to view.
13. When the test is completed, a new window is displayed. As the security threats are not run through a firewall, it is not
expected that they will be blocked. Click the Close button to close the window.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
61
14. When the test is completed, click the View the report button.
15. Expand Test Results for IPv6 Traffic and select IP Summary. Determine if a significant number of frames were dropped
during the test.
16. Next, select Frame Latency Summary. Using the table, determine the average, minimum and maximum frame latency.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
62
17. Next, expand the Detail folder and select Frame Data Rate. Determine the rate at which traffic was able to transmit at a
steady rate.
18. Compare the results from this evaluation with the initial IPv6 Traffic evaluation. Determine if injecting flawed and
malicious traffic with IPv6 traffic has any effect on the IPv6 traffic.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
63
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
64
About BreakingPoint
BreakingPoint pioneered the first and only Cyber Tomography Machine
(CTM) to expose previously impossible-to-detect stress fractures within
cyber infrastructure components before they are exploited to compromise
Contact BreakingPoint
Learn more about BreakingPoint
products and services by contacting a
customer data, corporate assets, brand reputation and even national security.
www.breakingpoint.com
toll-free: 866.352.6691
Paris, France
tel: + 33 6 08 40 43 93
email: apac_sales@breakingpoint.com
email: emea_sales@breakingpoint.com
BreakingPoint Resources
Hardening cyber infrastructure is not easy work, but nothing that is this
important has ever been easy. Enterprises, service providers, government
agencies and equipment vendors are under pressure to establish a cyber
infrastructure that can not only repel attack but is resilient to application
sprawl and maximum load. BreakingPoints Cyber Tomography Machine
(CTM) provides the technology and solutions that allow these organizations
to create a hardened and resilient cyber infrastructure. BreakingPoint also
provides the very latest industry resources to make this process that much
easier, including Resiliency Methodologies, How-to Guides, white papers,
webcasts, and a newsletter. To learn more, visit
www.breakingpoint.com/resources.
BreakingPoint Labs Community
Join discussions on the latest developments in hardening cyber
infrastructure. BreakingPoint Labs brings together a diverse community of
people leveraging the most current insight to harden cyber infrastructure to
withstand crippling attack and high-stress application load.
Visit www.breakingpointlabs.com.
www.breakingpoint.com
2005 - 2010. BreakingPoint Systems, Inc. All rights reserved. The BreakingPoint logo is a trademark of BreakingPoint Systems, Inc.
All other trademarks are the property of their respective owners.
65