Our goal in the preparation of this Black Book was to create high-value, high- quality content. . Ixia’s Black Book website at . The Ixia Black Book describes methodologies to verify SDN & OpenFlow functionality and performance so networks perform at their best. At Ixia, we know that the networking industry is constantly moving; we aim to be your technology partner through these ebbs and flows. We hope this Black Book .
|Published (Last):||17 July 2017|
|PDF File Size:||7.29 Mb|
|ePub File Size:||10.35 Mb|
|Price:||Free* [*Free Regsitration Required]|
Documents Flashcards Grammar checker. Black Book Edition 10 Network Security http: Your feedback blackbookk an important ingredient that will help guide our future books. Use, duplication, or disclosure by the U.
All other trademarks belong to their respective owners. The information herein is furnished for informational use only, is subject to change by Ixia without notice, and should not be construed as a commitment by Ixia. Ixia assumes no responsibility or liability for any errors or inaccuracies contained in this publication. IPsec – Data Forwarding Performance IPsec – Tunnel Capacity Test Configuring IP and Network Settings Setting the Test Load Profile and Objective Adding Test Ports and Running Tests Every section starts by introducing the reader to relevant information from a technology and testing perspective.
Each test case has the following organization structure: Overview Provides background information specific to the test case.
Objective Describes the goal of the test. Blackboom An illustration of the test ixa highlighting the test ports, simulated elements and other details. Step-by-Step Instructions Detailed configuration procedures using Ixia test equipment and applications. These can be modified to construct other tests. Results Analysis Provides the background useful for test result analysis, explaining the metrics and providing examples of expected results.
Troubleshooting and Diagnostics Provides guidance on how to troubleshoot common issues. Conclusions Summarizes the result of ixi test.
Typographic Conventions In this document, the following conventions are used to indicate items that are selected or typed by you: It is also used to indicate text found on the current GUI screen. The Black Books can be considered primers on technology and testing. They include test methodologies that can be used to verify device and system functionality and performance.
The methodologies are universally applicable to any test equipment. This tenth edition of the black books includes twenty two ixiaa covering some key technologies and test methodologies: Registration is blacbook to access this section of the Web site.
At Ixia, we know that the networking industry is constantly moving; we aim to be your technology partner through these ebbs and flows. We ixla this Black Book series provides valuable insight into the evolution of our industry as it applies to test and measurement. The number and types of attacks are enormous and the devices used to defend against them are necessarily complex. To defend against threats, and to prevent unintended data leakage, enterprises have deployed security devices of all types.
Those functions start to be integrated more often in what is called Unified Thread Management system or New Generation Firewall. Each type of device, and the unified threat management UTM systems that combine them into one system, requires continuous testing to ensure that the devices are effective, accurate, and productive. Securing the networks is essential for homes, government organizations, and enterprises of all sizes.
The number and types blackbpok attacks continues to grow at an alarming rate and the devices used to defend against them are necessarily complex.
Ixia Black Book: Network Security
The complexity and effectiveness of attacks continues to increase, positioning the network security as a growing concern for endusers and enterprises of all sizes. This book provides an overview of network security and covers test methodologies that can be used to assess the effectiveness, accuracy, and performance of such devices while they are inspecting legitimate traffic and malicious traffic.
According to the Annual Report from Panda Labs: These categories are explained in this book. Breakdown of blackboo, types, Hacking has mutated from a hobby to a successful business.
It is estimated that companies lose between 0. The estimated loss from the surveyed companies was USD 4. The biggest threats were from employees who had been laid off and attacks from outside the company.
McAfee estimated that total worldwide costs in would top USD 1 trillion. The total cost to a company for each breach averaged USD 6. During the last few years, the cumulative number of vulnerabilities has increased dramatically, as shown in Figure 2. Growth in new threats The number of vulnerabilities discovered in applications is far greater than the number discovered in operating systems.
As a result, more exploitation attempts are recorded on application programs. The most popular applications for exploitation tend to change over time because the rationale for targeting a particular application often depends on factors like prevalence or the inability to effectively patch.
Browsers and client-side applications that can be invoked by browsers seem to be consistently targeted, taking advantage to the current trend wherein trusted Web sites are converted into malicious servers.
Worldwide, there has been a significant increase over the past three years in the number of people discovering zero-day vulnerabilities, as measured by multiple independent teams discovering the same vulnerabilities at different times.
Zero-day vulnerabilities are those not found until a service is deployed. The Source of the Problem But, who is to blame for the vulnerabilities that malware takes advantage of?
The Internet is something that we all want—the ability to publish and find information, the ability to buy and sell products, the ability to communicate with others. The vast interconnection made possible by the Internet provides the avenue for malicious action.
Ixia Black Book: Network Security
The major avenue of attack is through flawed software. That is, software ixiq is outright broken or sloppily written. A typical example is the buffer overflow flaw, in which a programmer invites a user’s ixxia, but does not compare the length of the response against the amount of storage set aside for the response. A carefully constructed, overly long, malicious response can be used crash the software, or cause it to execute arbitrary computer code—code designed to steal data or embed other attacks.
Known vulnerabilities are published, allowing authors to issue fixes and security vendors to update software. Zero-day vulnerabilities are potentially more harmful, associated with newly published programs or offered Bpackbook services. Such vulnerabilities may be visible for days or weeks until patched.
Network, server, and client misconfiguration offers another avenue for hacking. Network elements, such as routers and home gateways, come with a default administrator password, passwords that often never change. A hacker with access to a router can cause all traffic through the router to be sent through its own server, allowing ‘person-in-the-middle’ attacks.
Similarly, misconfigured servers can allow hackers to disable or modify Web sites, inserting code of its own choosing. Such code is usually intended to steal data from associated databases. Finally, many of us are to blame. We are often not careful enough, gullible or too trusting— allowing attackers to get us to cooperate with their plans. The Damage The damage from successful network security attacks can take many forms: This consists not only of just financial data, such as credit card numbers, but also includes customer lists, intellectual property, and product development and marketing plans.
It can take a great deal of time to recover from a security attack, or even from the suspicion of an attack. Data may need to be recovered or reconstructed and systems extensively checked.
This is often preceded by the theft of data. Disabled or crippled services. Protesters and some governments may seek to disable offending Web sites.
Hackers may be purely malicious in their intent. Any of the previous items may expose an enterprise to law suits for loss of data or money entrusted to them. The most frequent methods include the following: In addition to spam, e-mails can contain attachments that are malicious executable programs or links to infected Web sites.
This is currently the primary initial infection vector used to compromise computers glackbook have Internet access. Those same client-side vulnerabilities are exploited by attackers when users visit infected Web sites.
Because the visitors feel safe downloading documents from the trusted sites, they are easily fooled into opening documents, music, and video that exploit client-side vulnerabilities.
Some exploits do not even require the user to open documents. Simply accessing an infected Web site is all that blackboo, needed to compromise the client software. Web sites can be dangerous in several blackbpok Masquerading as valid Web sites collecting financial and personal information. Infected through content injected from associated Web sites. The average commercial Web page contains content from more than sources—advertising, tracking, and content.
Blqckbook or more of those sources may have been compromised and may insert code that is used to collect and send data to a third party. For example, a Web page advertisement might suggest that a user’s computer is infected with a virus, inviting the user to click on a virus scanning program, which actually blackboook the computer.
FTP is frequently used to download executable programs. These programs may be innocently or maliciously infected. Instant messaging programs now provide mechanisms for passing executable programs and Web links, providing a means of infecting computers and revealing information.
P2P environments are often used to share software, which may be similarly infected. Social interaction with other players may invite e-mail or IM communications. Games themselves, when executed on a user’s computer, may be the source of infections.