Endace has announced the launch of a new range of 100 percent accurate traffic capture and replay systems specifically designed to help organizations pinpoint the exact level of traffic throughput that causes network security systems to fail.
Having a clear understanding of the exact level of throughput that an intrusion prevention system (IPS), intrusion detection system (IDS) or firewall can really handle before it starts to miss important network events (due to packet loss) is critical in today’s world of advanced persistent threats (APTs), distributed denial-of-service (DDoS) attacks and malicious network activity. In many instances, what vendors claim a system can handle and what it can really handle can be two quite different things.
Up until now there has been no accurate way for organizations to use their own network traffic to figure out the point that a system fails to see every threat. As a result, many organizations have been simply hoping that their systems are seeing everything, rather than knowing—which exposes them to unacceptable levels of risk to reputation damage and litigation from preventable security breaches.
Endace Capture Replay Systems enable organizations to record up to 16 terabytes of real network traffic with 100 percent accuracy from two 10 Gb/s monitoring ports and replay it in exactly the same order through any specified system at any line rate up to 10 Gb/s. Once the exact number of events in a trace file is established (typically by running it through the system at slow sub-gigabit speeds), then the breaking point of a system can be established by speeding the replay up in small increments to the point that the system starts missing known events.
“Being able to test a system using your own traffic rather than synthetic traffic is critical as a company’s traffic has a unique fingerprint that is almost impossible to replicate using traditional test and measurement tools,” said Neil Livingston, chief product officer at Endace. “Our Capture Replay Systems will enable organizations to build a precise understanding of the performance of their security systems and ensure they are buying and deploying systems that can really protect them.”
Endace is launching two different versions of its Capture Replay System: A SAS-based system that supports write to disk speeds of 10 Gb/s and 9.6 terabytes of storage and a SATA-based system that supports 16 terabytes of storage and a write to disk speed of seven Gb/s. Both systems can also be configured with a fiber channel HBA to enable larger trace files to be saved and recovered from network storage systems.