The End of Days is Here for Network Blind Spots

March 9, 2016, 11:45 am

≫ Next: Solutions Datacenter Management 2016

≪ Previous: Ixia ATI Research Center Finds Multiple Security Vulnerabilities in IBM Tivoli Storage Manager FastBack

The End of Days is Here for Network Blind Spots

Author: Keith Bromley. Have you heard the term network blind spots? It’s becoming more and more common in the networking and security industries. But what does it mean?

Network blind spots refers to an IT organizations inability to see what’s happening on the network, especially as it pertains to application reliability, performance and security. And it’s often in these blind spots where outages, performance issues, security threats and compliance problems arise. So, you obviously want to eliminate these blind spots – unless you like dealing with unplanned outages, angry customer calls and security breaches.

↧

Solutions Datacenter Management 2016

March 13, 2016, 8:10 pm

≫ Next: Ixia Targets Network Security iith New Device

≪ Previous: The End of Days is Here for Network Blind Spots

Solutions Datacenter Management 2016

Focus: Visibility
Venue: Porte de Versailles
Location: Paris
Additional information:
The event focusses on the administration of the datacenter, Big Data, PaaS platform and security solutions and backup.
Ixia joins our partner Infractive to showcase Ixia solutions for testing and improving the performance of datacenters

Click here to Register

↧

Ixia Targets Network Security iith New Device

March 15, 2016, 2:24 pm

≫ Next: Network security without sacrificing performance

≪ Previous: Solutions Datacenter Management 2016

02/22/2016

Socaltech.com

↧

Network security without sacrificing performance

March 15, 2016, 2:27 pm

≫ Next: Insight into the data traffic

≪ Previous: Ixia Targets Network Security iith New Device

02/23/2016

LANline (Germany)

↧

Insight into the data traffic

March 15, 2016, 2:29 pm

≫ Next: Ixia Vision ONE Turnkey device

≪ Previous: Network security without sacrificing performance

02/25/2016

IT Administrator

↧

Ixia Vision ONE Turnkey device

March 15, 2016, 2:31 pm

≫ Next: Ixia releases Vision ONE to achieve end-to-end network visibility

≪ Previous: Insight into the data traffic

03/09/2016

Technology Decisions

↧

Ixia releases Vision ONE to achieve end-to-end network visibility

March 15, 2016, 2:33 pm

≫ Next: Ixia Consolidates Technology Acquisitions to Deliver Vision ONE

≪ Previous: Ixia Vision ONE Turnkey device

03/10/2016

ZDNET (China)

↧

Ixia Consolidates Technology Acquisitions to Deliver Vision ONE

March 15, 2016, 2:37 pm

≫ Next: Benchmarking Open Source SDN Controllers – Are They Ready for Carrier-Grade Services?

≪ Previous: Ixia releases Vision ONE to achieve end-to-end network visibility

03/14/2016

Enterprise Networking Planet

↧

Benchmarking Open Source SDN Controllers – Are They Ready for Carrier-Grade Services?

March 15, 2016, 4:06 pm

≫ Next: Ixia Partners to Deliver a Full Lifecycle Security Solution Against Cybercrime

≪ Previous: Ixia Consolidates Technology Acquisitions to Deliver Vision ONE

03/15/2016

Author: Dean Lee. That was the title of my presentation at MPLS+SDN+NFV World Congress 2016 in Paris last week. The response from the congress delegates was overwhelming. Obviously this has been a key question in everyone's mind. I’m happy to say that SDN is ready for prime time deployment. However, further benchmark testing is critical to determine if individual SDN controllers are ready to match carrier-grade routers.

How does the centralized control brain live up to the expectation of carrier-grade services and abuse? What are the performance hits and other challenges when you put together all the open source components on a commercially available server?

We picked three widely popular open-source controllers - RYU, ODL, and ONOS and ran them through with the benchmark test methodology defined by ONF and IETF BMWG. We used Ixia's IxNetwork SDN Emulation to simulate hundreds of SDN switches to fully stress each controller under test. I presented the test results and preliminary assessment at the congress.

In summary, we ran into challenges and were not able to complete all of the benchmark tests. All three open source controllers do come with applications in addition to a south-bound API, but were not sufficient to match the typical functions of distributed routers. Without writing the necessary networking applications or purchasing the all integrated packages from the vendors, we were able to validate three test cases with limited results.

We also discovered that the different implementations could drastically influence the test results. For example, ODL configures bi-directional flows by default while RYU and ONOS only work with unidirectional flows. The default applications that come with ONOS can only respond to IP/ARP learning, while the other two controllers only come with L2 learning. In spite of the lack of needed applications, we did observe a few key points:

All three controllers do provide reasonable performance and scale. They all sustained well with more than 500 switches.
Benchmark testing is the critical tool to determine if the SDN controller is ready to match carrier-grade routers.
Applications and implementation greatly impact performance.

You can download the presentation here.

↧

Ixia Partners to Deliver a Full Lifecycle Security Solution Against Cybercrime

March 16, 2016, 4:05 am

≫ Next: EMA Perspective: Ixia Introduces Hawkeye for Proactive SLA and User Experience Monitoring

≪ Previous: Benchmarking Open Source SDN Controllers – Are They Ready for Carrier-Grade Services?

03/16/2016

Ixia Partners to Deliver a Full Lifecycle Security Solution Against Cybercrime

The world’s leading security providers rely on Ixia to train resources; and build and deploy their solutions in the most demanding environments

CALABASAS, CA— March 16, 2016— Ixia (Nasdaq: XXIA), a leading provider of network testing, visibility, and security solutions, has joined forces with industry-leading security providers to train resources, as well as build and deploy solutions that find and eliminate network vulnerabilities, for the most demanding customer environments.

“It’s often said that the best defense is a good offense,” said Eric Hanselman, Chief Analyst, 451 Research. “However, in IT security, companies frequently focus on defense rather than offense leaving their enterprises vulnerable and increasing costs for recovery after a breach. A holistic approach to enterprise security lifecycle from development to deployment through operation helps protect an enterprise effectively.”

A comprehensive security strategy requires organizations to look at network vulnerabilities from an offensive and defensive position. Offense involves finding vulnerabilities—whether they exist in products, in software, operating systems, people, or processes—and eliminating them before they can be exploited. But threats against a business critical network can appear from any direction, requiring reliable network defense to safeguard against attackers.

“Ixia understands that to win the cyber-war we must arm organizations with the tools that not only defend against attack, but proactively protect their networks and applications,” stated Scott Westlake, Vice President of Business Development for Ixia. “Finding a breach quickly, and addressing it after the fact is good, but not as good as stopping it in the first place. Our security partners are experts in what they do, but they aren’t as effective when incomplete data is being fed to them. Optimal security posture requires the best products, training, and architectures.”

Ixia is working with the industry’s leading technology providers to deliver the first full lifecycle security platform against cybercrime, by ensuring that organizations have access to solutions that defend against advanced threats and provide network resiliency. These partners include Cisco, FireEye, Fortinet, HPE Security, Imperva, Intel Security, LogRhythm, Radware, Savvius and Vectra, to name a few.

Ixia leads the market in security testing and training

Ixia’s security partners leverage the company’s BreakingPoint^TM Solution (BPS) in their development labs to test the performance limits and security effectiveness of their next generation appliances and software capabilities.

“Our customers rely on our end-to-end security fabric to protect against the most advanced threats around the world. From the cloud to the edge, to the end point, we need to be absolutely certain that our appliances operate at the highest levels of quality, reliability and effectiveness. Ixia’s BreakingPoint solution allows us to achieve this for our next generation firewalls” said Chad Whalen, Vice President of Global Strategic Alliances and Cloud at Fortinet.

In addition, Ixia’s BreakingPoint enables technology partners to model and replicate advanced cyber threats to harden their security offerings, and help transform their personnel into training cyber warriors using advanced curriculum and real-world exercises. For a powerful yet portable form factor, Ixia’s PerfectStorm^TM ONE appliances scale from 4Gbps to 80Gbps of application traffic.

“Ixia’s PerfectStorm ONE brings great value to our cyber range as it allows us to train personnel on how to defend critical infrastructure assets and launch attacks against simulated critical infrastructure targets,” said Henry Capello of LSU. “This experience empowers our personnel with the knowledge and preparedness to handle real live scenarios when they occur.”

Ixia leads the market in providing intelligent data feeds to security tools

Threats carefully hidden in encrypted traffic can easily bypass security controls. Ixia’s Vision ONE™ enables organizations to maintain security across physical and virtual infrastructures from a single security platform.

"As the use of virtualization in the data center and SSL encryption continues to grow, organizations around the globe struggle to gain visibility into network activity to protect their vital business assets. Ixia’s Vision ONE addresses this challenge with an all-in-one, enterprise-class platform that integrates highly scalable network access, advanced policy management and full SSL decryption,” said Matt Winter, Vice President of Business Development from LogRhythm. “This unique set of capabilities ensures LogRhythm's network monitoring and forensics solutions have access and visibility into an organization's network traffic, including encrypted traffic and traffic traversing virtual environments. Receiving and analyzing 100 percent of the traffic from Ixia under all workloads, enables LogRhythm to rapidly detect, respond to, and neutralize cyber threats before they can cause damage.”

About Ixia
Ixia (Nasdaq: XXIA) provides testing, visibility, and security solutions, strengthening applications across physical and virtual networks for enterprises, service providers, and network equipment manufacturers. Ixia offers companies trusted environments in which to develop, deploy, and operate. Customers worldwide rely on Ixia to verify their designs, optimize their performance, and ensure protection of their networks to make their applications stronger. Learn more at www.ixiacom.com.

Ixia, the Ixia logo, BreakingPoint, Vision ONE, and PerfectStorm are trademarks or registered trademarks of Ixia in the United States and other jurisdictions. All other trademarks used herein are the property of their respective owners.

Connect with Ixia

LinkedIn
Twitter

Ixia Blog

YouTube

Ixia Media Contact:

Denise Idone, Senior Corporate Communications Manager

Email: didone@ixiacom.com

Office: (631) 849-3500

Mobile: (516) 659-7049

↧

EMA Perspective: Ixia Introduces Hawkeye for Proactive SLA and User Experience Monitoring

March 18, 2016, 10:11 am

≫ Next: Ixia Demonstrates First Flex Ethernet Implementation at OFC 2016

≪ Previous: Ixia Partners to Deliver a Full Lifecycle Security Solution Against Cybercrime

03/18/2016

Ixia Introduces Hawkeye for Proactive SLA and User Experience Monitoring

↧

Ixia Demonstrates First Flex Ethernet Implementation at OFC 2016

March 20, 2016, 7:16 pm

≫ Next: Ixia Announces Active Network Assessment and Monitoring Platform

≪ Previous: EMA Perspective: Ixia Introduces Hawkeye for Proactive SLA and User Experience Monitoring

03/21/2016

MEDIA ALERT:

Ixia Demonstrates First Flex Ethernet Implementation at OFC 2016

CALABASAS, CA— March 21, 2016— Ixia (Nasdaq: XXIA), a leading provider of network testing, visibility, and security solutions will showcase the world’s first public demonstration of Flex Ethernet (FlexE), which delivers adaptable and scalable bandwidth provisioning for hyperscale datacenters and optical transport systems, at the Optical Fiber Communication Conference and Exhibition (OFC) 2016 to be held at the Anaheim Convention Center from March 22 to 24, 2016.

What is OFC?

OFC is the largest global conference and exhibition for optical communications and networking professionals. At OFC, Ixia will showcase the company’s FlexE 2x 100GbE technology in the Altera (now a part of Intel) booth (#2667), to address the industry’s need for flexible and scalable bandwidth provisioning.

What is Flex Ethernet?

FlexE defines methods for Ethernet equipment to bond lower rates in order to create a higher rate for greater network performance, or segment a higher speed into lower speeds for improved bandwidth provisioning. The industry currently employs link aggregation to increase throughput, combining physical ports to make a single high-bandwidth data path with multiple network connections which has inherent inefficiencies. FlexE eliminates these inefficiencies enabling network planners to tailor Ethernet transmission rates to maximize existing bandwidth and reach.

What is Ixia demonstrating at OFC?

Ixia’s FlexE technology addresses the specific needs of today’s hyperscale datacenters by matching router Ethernet rates with long haul optical transmission rates. It has been designed to the Optical Internetworking Forum’s (OIF) FlexE Implementation Agreement - Draft 1.1 to create a new 200Gb media access control (MAC) over two bonded 100GbE PHYs. Ixia will also demonstrate sub-rating to run 150Gb and 100Gb over two bonded 100GbE PHYs. The 200Gb and 150Gb rates do not correspond to any existing Ethernet PHY rates today.

Connect with Ixia via:

LinkedIn
Twitter

Ixia Blog

YouTube

Ixia and the Ixia logo are trademarks or registered trademarks of Ixia in the United States and other jurisdictions. All other trademarks used herein are the property of their respective owners.

Ixia Media Contact:

Denise Idone, Senior Corporate Communications Manager

Email: didone@ixiacom.com

Office: (631) 849-3500

Mobile: (516) 659-7049

↧

Ixia Announces Active Network Assessment and Monitoring Platform

March 21, 2016, 2:22 pm

≫ Next: GISEC

≪ Previous: Ixia Demonstrates First Flex Ethernet Implementation at OFC 2016

03/22/2016

Ixia Announces Active Network Assessment and Monitoring Platform

Hawkeye enables enterprises to maintain a high quality user application experience

CALABASAS, CA— March 22, 2016— Ixia (Nasdaq: XXIA), a leading provider of network testing, visibility, and security solutions, today announced Hawkeye, an automated, proactive service-level agreement (SLA), and user experience monitoring solution that generates and analyzes synthetic network and application traffic to assess how applications and services will perform.

IT managers need to think about how their network contributes to overall service quality and end-user experience. In fact, EMA research has found that 59 percent of IT management teams believe end-user experience is rapidly becoming more important.[1]

To ensure a quality user experience, enterprises need to understand their client’s perception of their website, application, and network services. Ixia’s Hawkeye continually evaluates network performance and service status. If there is an issue, Hawkeye can identify it, quantify it, and ultimately verify if the issue was resolved – delivering the highest possible overall service quality.

Shamus McGillicuddy, Senior Analyst at EMA, stated “Hawkeye is ideal for proactively monitoring application performance at times when the application isn’t active on the network or in situations where IT operations is otherwise unable to capture production traffic for monitoring.”

Hawkeye is a key component of Ixia’s growing network visibility portfolio which includes network taps for access to security and management devices, network packet brokers for amplified security and efficient monitoring, and bypass switches for automated failover protection.

“Ixia understands that a network infrastructure exists for one reason - to deliver the services and applications that matter without interruption. But high-quality application performance requires real-time awareness of what’s happening on the network,” said Sunil Kalidindi, vice president, NTS Product Management at Ixia. “We will continue to drive the development of solutions that deliver that much needed network visibility—from product to portfolio, including design, management, and support.”

Analyze, find, and solve network problems proactively

Delivered on premise or on public cloud, Hawkeye delivers multi-user access, test scheduling, visual SLA pass/fail, real-time metrics, years of storage, and trending. It is ideal for monitoring the performance of critical applications at regular intervals, regardless of whether those applications are currently generating traffic on the network. Hawkeye also includes an extensive library of application tests that enable customers to easily assess network throughput, class of service, unified communications, and streaming video.

“The proactive monitoring and automation provided by Hawkeye save our customers’ IT teams valuable time while helping to maintain a high-quality user experience,” says Jan-Petter Torgersrud, Product Director at Datametrix, a solution provider marketing Ixia’s network test and visibility solutions. “Hawkeye is a welcome addition to our network visibility portfolio and we feel confident our enterprise customers will see the powerful business value it offers.”

Hawkeye enables customers to:

Rapidly deploy new services with pre-launch assessments for business applications (e.g. VoIP, UC) or LAN to WAN assessments for cloud migration projects
Automate day-to-day IT tasks needed for managing complex network and application environments across offices, campus networks, and virtual data centers
Control network and services performance with cost-effective software endpoints or turnkey probe distribution that delivers expansive coverage
Proactively detect problems and implement tests with clear demarcation points to locate network and application issues for quality of experience (QoE) against expected service levels
Understand the impact Wi-Fi networks have on user experience and assist in optimizations

Ixia, the Ixia logo, and Hawkeye are trademarks or registered trademarks of Ixia in the United States and other jurisdictions. All other trademarks used herein are the property of their respective owners.

Connect with Ixia

LinkedIn
Twitter

Ixia Blog

YouTube

Ixia Media Contact:

Denise Idone, Senior Corporate Communications Manager

Email: didone@ixiacom.com

Office: (631) 849-3500

Mobile: (516) 659-7049

[1] Ixia Introduces Hawkeye for Proactive SLA and User Experience Monitoring

↧

GISEC

March 27, 2016, 8:16 pm

≫ Next: STKI

≪ Previous: Ixia Announces Active Network Assessment and Monitoring Platform

03/29/2016 to 03/31/2016

Location: Dubai, UAE

Ixia will be present on stand 86,.IxSecure, ThreatARMOUT & VisionONE will be among solutions presented

Click here to Register

↧

STKI

March 27, 2016, 8:19 pm

≫ Next: Flow Security Seminar

≪ Previous: GISEC

04/04/2016

Location: Tel Aviv, Israel
Ixia will be presenting IxSecure and ThreatARMOR

Click here to Register

↧

Flow Security Seminar

March 27, 2016, 8:35 pm

≫ Next: Ixia looks at options for user experience monitoring in NFV deployments

≪ Previous: STKI

04/21/2016

Location: London, UK
Ixia will be presenting ThreatARMOR at this multi vendor event being organised by Flow

↧

Ixia looks at options for user experience monitoring in NFV deployments

March 28, 2016, 7:11 am

≫ Next: Three Key Segments Empowers Ixia‘s Leadership in Network Security

≪ Previous: Flow Security Seminar

03/28/2016

by Roark Pollock, VP Solutions Marketing, Ixia

RCR Wireless News

↧

Three Key Segments Empowers Ixia‘s Leadership in Network Security

March 28, 2016, 7:50 am

≫ Next: ATI Minecraft

≪ Previous: Ixia looks at options for user experience monitoring in NFV deployments

03/14/2016

51CTO.com (China)

↧

ATI Minecraft

March 29, 2016, 8:38 am

≫ Next: BreakingPoint Captures Real-World 2015 Application Trends

≪ Previous: Three Key Segments Empowers Ixia‘s Leadership in Network Security

03/29/2016

Author: Haiyang Si. Minecraft is a game about breaking and placing blocks. Players can worked together to create wonderful, imaginative things. It is supported on many platforms, such as PC/Mac, Xbox 360, Xbox One, PS3 and PS4, etc.

Now, Ixia ATI supports the Minecraft 1.8.9 PC version. Users can emulate the communication between the game client and multiplayer servers.

Get Plaintext TCP Stream

Minecraft provides a perfect wiki to help developers understand the Minecraft Protocol. Also, there are many open source Minecraft projects online. But most of them just provide source code and only a few support the latest version. What should a beginner do to write his/her own Minecraft client/server? The following will introduce this step by step.

Although the Wiki – Protocol page has a great introduction of the Minecraft protocol, Minecraft developers might not find the ‘Packet ID’ in the TCP stream. This is because the data is encrypted. The document doesn’t mention how to generate a plaintext payload between Client and Server. Generating a plaintext payload is very important. It is the only way to check if the implementation is correct or not. Developers can make a plaintext payload in this way:

1. Download Minecraft Server from its official website.

2. Run the server.

3. Server should generate a file named ‘eula’. Edit it and make sure ‘eula=true’.

4. Reboot the server. Edit file ‘server’ and change ‘online-mode=false’, ‘network-compression-threshold=-1’ (optional), and save the file server. There are many other parameters. Developers can configure based on his/her requirement.

5. Reboot the server. Connect the client and server. Now monitor the TCP stream. You will find that the TCP payload matches the Minecraft Protocol described in Wiki.

The standard Minecraft login process is as follows:

1. C→S: Handshake with Next State set to 2 (login)

2. C→S: Login Start

3. S→C: Encryption Request

4. Client auth

5. C→S: Encryption Response

6. Server auth, both enable encryption

7. S→C: Login Success and Set Compression

After the configuration, the login process is simplified as:

C→S: Handshake with Next State set to 2 (login)

2. C→S: Login Start

3. S→C: Login Success and Set Compression

Now the developer can get the plaintext in the TCP payload. Figure 1 is a server-bound Handshake frame. You can find its format here.

Figure 1: Handshake

ATI Minecraft Test on BreakingPoint System

The ATI Engine can emulate different kinds of Minecraft actions. This is a test on the BreakingPoint System.

Figure 2: Minecraft Application Traffic on the BreakingPoint System

Figure 2 is a Superflow that emulates a login sequence from a client to a multiplayer server. It is combined with 19 different Minecraft actions in client and server.

Validation

Wireshark doesn’t support Minecraft so far, but it allows users to customize a dissector for a specific protocol. I have implemented a Minecraft dissector that you can download here.

Figure 3: Wireshark detects Minecraft 1.8.9 traffic with the Minecraft dissector

The Figure 3 Wireshark can detect a Minecraft application data stream. This means the Minecraft traffic generated by ATI engine is correct.

You can now successfully use the BreakingPoint to generate Minecraft traffic as part of your network testing criteria, validating your DPI recognition of Minecraft traffic on your network. Besides our Wireshark dissector we’ve supplied, we’re also adding a Minecraft signature to our ATI Processor product. This support will give you visibility into how much of your traffic is being used for Minecraft and allow you to make intelligent decisions on such traffic.

Leverage Subscription Service to Stay Ahead of Attacks

The Ixia BreakingPoint Application and Threat Intelligence (ATI) Subscription provides bi-weekly updates of the latest application protocols and attacks for use with Ixia platforms.

↧

BreakingPoint Captures Real-World 2015 Application Trends

March 29, 2016, 1:50 pm

≫ Next: Ixia and Dynatrace Partner to Deliver Enterprise Application Performance Assurance

≪ Previous: ATI Minecraft

03/29/2016

ATI-Research-Center-Seal

Author: Lalithya Divi. A quick look into the 2015 BreakingPoint Sandvine Global Internet Phenomena report for North America Fixed Access gives an interesting insight into the various application distributions across multiple geographical locations.

Figure 1: North America Fixed Access Application distribution.

The percentage of traffic generated by the Real-Time Entertainment (audio and video traffic) continues to be the most dominant category among the various application distributions available. Observing the reports of the North America region it is evident that Netflix traffic occupies about 35% of the overall fixed access traffic. The other contributors to the growing real-time traffic include YouTube, Amazon video, and Hulu, which have all shown an increase in their share when compared to the report released in May 2015. Real-time traffic is dominant in the mobile traffic as well, with a share of over 40% of downstream bytes. However, not far from the top are the Facebook and htttp application usages and also third-party application Snapchat, which has an individual contribution of 4.11%.

Europe, Middle East, and Asia Pacific (EMEA) have similar trends with real-time entertainment. However, the Africa region is an exception to this trend, where the majority of the peak traffic comes from the web-browsing category. Although, the real-time entertainment traffic shows an increasing trend and is expected to beat the other traffic categories in Africa as well.

Ixia’s BreakingPoint solutions provide the application profiles that enable you to test your networks against various traffic distributions as seen in the real world. BreakingPoint includes traffic profiles that are based on the percent bandwidth as per the global Sandvine reports. The recently released Sandvine profiles include:

Sandvine 2015 Latin America Mobile Access
Sandvine 2015 Latin America Fixed Access
Sandvine 2015 Asia Pacific Mobile Access
Sandvine 2015 Asia Pacific Fixed Access
Sandvine 2015 Latin America Fixed Access
Sandvine 2015 Europe Fixed Access
Sandvine 2015 Europe Mobile Access
Sandvine 2015 North America Fixed Access
Sandvine 2015 North America Mobile Access
Sandvine 2015 Africa Mobile Access
Sandvine 2015 Africa Fixed Access
Sandvine 2015 Middle East Mobile Access
Sandvine May 2015 North America Fixed Access
Sandvine May 2015 North America Mobile Access

Leverage Subscription Service to Stay Ahead of Attacks

The Ixia BreakingPoint Application and Threat Intelligence (ATI) Subscription provides bi-weekly updates of the latest application protocols and attacks for use with Ixia platforms.

↧

Get Plaintext TCP Stream

ATI Minecraft Test on BreakingPoint System

Validation

Leverage Subscription Service to Stay Ahead of Attacks

Latest Images