Download PDF version

Following the introduction, earlier this year, of the first test solution for authentic validation of zero trust networks, Daniel Munteanu, the Product Manager at Keysight, is extremely excited to take this opportunity to provide more information about this major milestone that is shaping the future of network application and security testing.

Typically, for a product, a 2.0 release marks the transition into the maturity stage (or, even a brand-new initiative), but with CyPerf 2.0 it is more than that. It is about delivering unique, unmatched capabilities that are raising the bar for network application and security testing.

Keysight CyPerf - instantly scalable zero trust test solution

Keysight CyPerf is the industry’s first instantly scalable zero trust test solution for distributed cloud

Keysight CyPerf is the industry’s first instantly scalable zero trust test solution for distributed cloud. CyPerf’s light-weight traffic generation agents can be deployed across a variety of physical, cloud and containerized environments, in order to deliver unprecedented insights into end-user experience, security posture, and performance bottlenecks.

By realistically modeling dynamic application traffic, user behavior, and threat vectors at scale, CyPerf validates hybrid networks, security devices, and services for more confident roll-outs.

Testing zero trust enabled network architectures

The key highlight of CyPerf 2.0 is the new capability for testing zero trust enabled network architectures with native support for authentication and contextual traffic generation.

In this release, client traffic agents are able to state-fully interact with Palo Alto’s Prisma Access Policy Enforcement Point and authenticate with Okta Identity Provider, before generating test traffic. A comprehensive state-full workflow is implemented within the test agents to mimic real user behaviors.

Access and retrieve data from the protected application

While trying to gain access to a specific protected application, they are first redirected to authenticate, and once the authentication is successful, they are again re-directed to finally access and retrieve data from the protected application.

To make testing more relevant and insightful, CyPerf test agents can be configured to use a very large set of credentials (using playlists of username and passwords), or to access custom application paths. This opens the path for unique test scenarios, relevant to the zero-trust world, such as:

  • Emulating end-to-end legitimate user workflow to test the functionality, performance, and scale of zero trust network architectures.
  • Use authenticated users trying to access resources that are not available to them.
  • Combine legitimate, unauthorized, and unauthenticated users to validate least-privilege access policies.

Client Zero Trust Statistics

A test tool is only as good as the accuracy and relevancy of the statistics it is providing

A test tool is only as good as the accuracy and relevancy of the statistics it is providing. Because network security is critical, there was no scope to lower the bar for providing relevant metrics in zero trust scenarios, so implementing new dedicated stats dashboards like Client Zero Trust Statistics was the only option.

Access to granular KPIs and metrics provide users with insights into the status of the interaction with 3rd-party elements like the Policy Enforcement Point transactions or the Identity Provider’s response codes.

CyPerf 2.0

While the zero trust functionalities are the highlight of CyPerf 2.0, the other new features added in this release cannot be overlooked. CyPerf now supports HTTP Redirects, which makes it easier to interact with devices under test (DUTs) that use this technique for various purposes.

CyPerf’s deployment and usability has also been significantly improved with support for Microsoft Azure marketplace and the ability to deploy CyPerf test agents’ as.deb packages on top of both Ubuntu 20.04 and Ubuntu 18.04.

Expanded attack capabilities

On the content side, the attack capabilities are expanded with over 700 new high-profile security attacks. This includes malware samples like Maze, Bumblebee, TrickBot, QakBot, Cerber, XtremeRAT etc. or various exploits like Log4j, SVCReady, Atlassian Confluence OGNL, Spring Expression Resource Access Vulnerability and others.

Download PDF version Download PDF version

In case you missed it

Axpo Modernizes Distribution Grid At Wildegg-Brugg
Axpo Modernizes Distribution Grid At Wildegg-Brugg

Axpo is renewing and modernizing the facilities of the supra-regional distribution grid at the Wildegg-Brugg power plant in Villnachern. As part of this, Axpo is replacing the ex...

TE Connectivity Expands Energy Portfolio With Acquisition Of Harger
TE Connectivity Expands Energy Portfolio With Acquisition Of Harger

TE Connectivity, a world renowned company in connectivity and sensors, has acquired Harger, an American major firm in lightning protection and grounding solutions for IEEE markets....

Delta Unveils Advanced IIoT Solutions At SPS 2024
Delta Unveils Advanced IIoT Solutions At SPS 2024

Delta, a global pioneer in power management and a provider of IoT-based smart green solutions will unveil its latest advancements in industrial automation at SPS Nuremberg 2024. I...

vfd