Archive for Uncategorized

How to win in the age of cyber war

December 22, 2011

While the bad news is that experts are declaring that we have entered the age of cyber war, the worse news as we enter 2012 is that security systems and professionals are just not able to keep up. Security attacks are increasing in their complexity and intensity every day. These range from inter-state attacks (like the one on Raytheon this year and the ones from China that are being investigated by the U.S. government) to cyber-crime (that includes countless malware and DDOS attacks against businesses and consumers).

                            

Full Post »

Categories: DoS, Firewall, Fuzzing, SCADA, Uncategorized
145 Comments
Bookmark and Share

Validating Application Detection Signatures

December 13, 2011

In the new world of next-generation networks, pretty much every leading network equipment manufacturer (NEM) today has application-awareness built into their products. Whether it’s an application firewall, serving gateway or edge router, they’re all using deep packet inspection (DPI) to look deep into the network traffic to identify the specific application.

For example, Cisco has Application Visibility & Control, Juniper has AppSecure, Palo Alto Networks has App-ID, Sandvine has Traffic Identification and Tellabs has Application Identification.

Each vendor has their own proprietary database comprised of hundreds or thousands of application signatures and on finding a match, their system can then take action based on the defined policy (e.g. block an application, apply QoS, etc…)

Before these new application signatures are released however, testing is needed to ensure the accuracy of the detection. One of the major challenges is to avoid the false positive, in which an application is misclassified.

Full Post »

Categories: DPI, Firewall, iPhone, IPS, Netflix, Performance, Studio, Testing, Uncategorized
226 Comments
Bookmark and Share

Using real apps to test billing and charging on 4G/LTE networks

November 8, 2011

The hype, and in many cases concern around DPI has always been strong. It has triggered provocative debate on the Internet around privacy, end user rights, the role of the operator, and the extent to which they can monitor what applications we send and receive on the Internet.

The truth is that DPI isn’t just an emerging technology; it’s actually a reality, showing up on traditional fixed line networks, enterprise networks and most recently on mobile networks. Recently, Telefonica announced the deployment of Sandvine’s network policy control solutions to provide visibility across the network for some 250 million subscribers across 20 countries.

Full Post »

Categories: Android, DPI, Scalability, Scale, Studio, Uncategorized
281 Comments
Bookmark and Share

Mu App Quadrant #3 – Skype Voice on Mac (OS X) Expends at Least 28% More for Consumers and Operator Networks than on Other Devices

November 7, 2011

In the previous versions of the Mu App Quadrant we first compared the most popular video services, and then specifically focused on Netflix across multiple endpoints. Now, in this third edition we have looked at Skype. Not only is it one of the most popular voice apps on the internet with over 30 million users online at peak times, it’s also one of the biggest bandwidth guzzlers, due in part to the P2P nature of its architecture.

Full Post »

Categories: Android, Cloud, iPhone, Netflix, Studio, Talk, Testing, Uncategorized
422 Comments
Bookmark and Share

Driving Real Application Traffic Through Junosphere Virtual Infrastructure

October 3, 2011

Today, Juniper announced Junosphere™ Lab, an innovative on-demand service that gives service providers and enterprises immediate and low cost access to a virtualized environment for designing and testing networks. Very cool stuff – leveraging the power of the cloud and helping customers dramatically reduce their TCO while accelerating the time to model networks.

Real Traffic in a Virtual Environment

So when you spin up a network environment and model a production topology, you’ll then need a way to create realistic application traffic to understand its impact across the network. That’s where we come in.

Mu Studio Performance has been integrated into the Junosphere Lab so you can just as easily spin up (and tear down) virtual instances of our performance testing solution to quickly and accurately recreate a mix of applications that represent the production environment – that is, real users on real devices, running real applications.

Full Post »

Categories: Cloud, DPI, EC2, Firewall, iPhone, IPS, Performance, Scalability, Scale, Studio, Testing, Uncategorized
414 Comments
Bookmark and Share

Ensuring the Accuracy of the Mu TestCloud Application Tests

September 19, 2011

In a previous blog I discussed how we had started to build out the test content for different kinds of applications across categories like P2P, video, chat and social media in our Mu TestCloud store. Fast-forward to today, and we’ve now got well over 2,000 tests, with coverage for hundreds of different apps. We’ve also got lots of customers who are actively using these ready-to-run tests for a wide range of use-cases – everything from verifying application detection signatures to validating application policies, as well as billing and charging.

But regardless of their domain, there are two common questions that customers are curious to understand:

1. How do we select the applications in the first place?
2. How do we ensure the accuracy of the tests?

So for this blog I’m going to give you a behind-the-scenes view into our test content creation process.

Full Post »

Categories: Android, DLP, DPI, Firewall, iPhone, IPS, Netflix, pcapr, Performance, Studio, Testing, Uncategorized, Video, Wireshark
178 Comments
Bookmark and Share

IPv6 – Illustration of Theory vs. Practice

March 2, 2011

I’ve been setting up an IPv6 lab for some network testing, and it’s really illustrated the differences between the Theory of IPv6 versus the Practice of configuring your network devices.

But first, some helpful cli commands for Ubuntu Linux (and others)
$ ping6 ipv6.google.com
$ ping6 2001:4860:8004::93           \\ same ping in numeric format
$ traceroute6 ipv6.google.com
$ nslookup -q=aaaa ipv6.google.com    \\ or, once running nslookup, enter set q=aaaa
$ route -6
Full Post »

Categories: IPv6, Training, Uncategorized
249 Comments
Bookmark and Share

What happens inside NAT stays in the NAT

November 8, 2010

There is this knotty thing called NAT, that makes packets naughty and causes test tools to cry ‘boo-hoo, NAT fair!!!’. Most test tools until now, regardless  of how ardently they claim to be real, realistic or really real somehow run and hide when NAT devices are in play. Not true for Mu. We just released a killer solution for NAT that enables DPI, ALG, Firewall and IPS testing to happen with NAT turned on.
Full Post »

Categories: Uncategorized
135 Comments
Bookmark and Share

YATE – JavaScript Templating Engine for Agile UI Development

March 19, 2010

Recently we were looking for ways to do rapid building of prototype pages during our UI development. I still remember my first web project when I built an air ticket reservation system over a decade ago. Back then, we were concatenating HTML / Javascript inside servlet code to crank out the UI. The joy of building a cool new system was quickly offset by the frustration in dealing with escape / unescape single double quotes for multiple layers of Javascript inside Java code. Over these years, things evolved a lot in trying to address this separation of logic and presentation issue. We had JSP, Strut, Velocity, FreeMarker etc. They were running toward that goal with one getting closer than the other. But logic code still mingles with HTML/CSS . If not used cautiously, they can still yield spaghetti code faster than developers can chew.

Full Post »

Categories: JavaScript, UI, Uncategorized
392 Comments
Bookmark and Share