사이버 보안

Proactive application and security validation for hybrid network services model

2018년 5월 3일

Blog - Proactive application and security validation for hybrid network services model

The rush to virtualization and cloud is mainly driven by improved performance and competitiveness that it brings to businesses through rapid, agile and efficient deployment of resources.

The rush to virtualization and cloud is mainly driven by improved performance and competitiveness that it brings to businesses through rapid, agile and efficient deployment of resources. Successful deployment and delivery of business offerings in this emerging model hinges on the ability to select and leverage the right tools and infrastructure which can support virtualized services as well as validation of these services. The landscape for planning, implementing, deploying and monitoring virtualized services have been extensively covered but there is an urgency to consider validation offerings for network applications that lay the foundation for business services. Today, business organizations are looking for security assessment as well as insight to performance and scalability of the applications. It has become increasingly important to validate application performance and conduct security assessment in infrastructures with this new elastic and agile model of virtualized services. The layered nature of virtualized services as well as dynamic and frequent provisioning with multiple revisions of software would require thorough understanding of the resulting impact in terms of both performance as well as security. The fundamentals of such virtualized testing solution would have to address the following:

Provide realistic, repeatable, and scalable validation of application and security services.
Address new deployment models (virtual appliances) as well as hybrid models (mixture of physical and virtual appliances).
Integrate and coexist with emerging virtualization as well as cloud technologies and foundations.

Reliability, performance and security efficacy of services provided in today’s connected world need to be measured and assessed proactively, in tandem with evolution of the infrastructure. Migration from purely physical appliances of traditional networks to emerging virtualized models as well as hybrid models would require validations that can bridge that gap and simultaneously elevate to address scaling and intelligence against new performance demands, vulnerabilities and detection/mitigation of attack vectors. The inherent extensibility and flexibility brought by having a single platform that has been in place for today’s converged network and application infrastructure should be available from security and application validation solutions as well.

IMAGE 1

Spirent’s Cyberflood security and application testing solution is now available as a virtual platform on ESXi and KVM hypervisors and carries forward its ease of use, comprehensive and consolidated test functionalities. CyberFlood Virtual (CFV) is a flexible solution that offers proactive and realistic testing of content aware networks and security infrastructure that is easily hosted on users virtualized Infrastructure.

IMAGE 2

CyberFlood Virtual paves the way for a scaling test solution of physical and virtual appliance form factors for handling vast amounts of traffic, based on user demand. Each CFV instance comes with one management port and two data ports. This solution provides easy deployment with physical devices under test (DUT) as illustrated in Image 2. In this case, the DUT upstream port is connected directly or through other network devices to the hypervisor physical NIC and a virtual switch which also has connectivity to one of the CFV data ports. The other CFV data port is also connected to a virtual switch with connectivity to a physical NIC and DUT downstream port.

IMAGE 3

There are also options to connect the CFV data ports to virtual appliances as illustrated in Image 3. In this type of deployment, the DUT upstream port and one of the CFV data ports are connected to a virtual switch and another virtual switch handles the traffic between DUT downstream port and the other CFV data port. The CFV deploymentoptions provide flexibility for validation of network services with purely physical appliances or virtual appliances as well as hybrid models.

If you are interested in learning more about the work that Spirent does, download our white paper or visit our CyberFlood Page. If you want to speak to our security experts directly, contact us or view our Cybersecurity on-demand webinars.

Follow Spirent Security on Twitter (@spirentsecurity) for the latest security news.

콘텐츠가 마음에 드셨나요?

여기서 블로그를 구독하세요.

블로그 뉴스레터 구독

태그: 보안

Reza Saadat

Senior Technical Marketing Engineer, Application and Security Group

Reza Saadat is a Senior Technical Marketing Engineer at Spirent in the Applications and Security group, with over 25 years of experience in computers and data communication technologies. At Spirent, Reza works with the Product Management, Engineering and Sales teams to bring to market new, cutting-edge applications and security testing solutions for network equipment manufacturers, enterprises, and service providers. His in-depth industry, market and software development knowledge as well as collaborative design and development skills have resulted in the creation of numerous hardware and software solutions, which have been successfully released at companies such as IBM Corp, Cisco Systems and many more.