TeraVM – Security

Knowing Your Security Vulnerabilities

Delivering a fully virtualized application and security validation solution to test and secure devices, networks and their services
Image

TeraVM is an application and security performance validation solution and is used for functional and performance testing of both the network function and service deployment, covering a range of network and security devices providing comprehensive coverage for assessment of:

  • Vulnerability exposure: TeraVMs cybersecurity threat database enables users assess security perimeter performance with the latest cybersecurity threats
  • Access/Authentication/Authorization: TeraVM supports the widest range of 3rd party VPN clients, Single Sign On (SAML) and endpoint remote access connection (EAP-MD5)
  • Policy management: TeraVM’s per flow emulation of endpoints and applications enables validation of several policy management solutions; including BYOD and blacklisted URL/DNS

Test With Real VPN Clients

TeraVM can be used to act as many individual users on a network, including VPN based users such as Cisco AnyConnect SSL VPN clients with applications, Cisco AnyConnect IPsec VPN clients with applications. This is not ‘simulation’ of VPN traffic, but rather TeraVM acting as real remote workers making many individual valid connections on Cisco FTD/ASA and sending and receiving application flows. TeraVM measures both performance of VPNs and applications in real time. TeraVM also emulates and measures other VPN clients at scale.

Targeted Device Testing - VIAVI is used extensively in testing performance of secure VPN appliance, enterprise call management devices, firewalls, IMS Session Border Controllers and layer 4-7 application scalability. Read more about our VPN Client Emulation use case

Minimize Risk with Threat Analysis

With almost daily reports of security breaches and a large number of firms reporting the detection of an attempted attack on their organisation’s IT systems, never before has it been so critical as to identify where potential security vulnerabilities exist.

Security and attack types take on many guises from bot-attacks to employee credential theft and impersonation on the network.

Many online reports today typically highlight breaches in the form of:

  • Viruses, spyware or malware: the outcome of which is theft of money, intellectual property
  • Weak or non-existing security access policies: Internally a weak BYOD policy, external poorly implemented authentication service
  • Impersonation: via phishing emails or access to fraudulent online websites
  • Securing for the unknown, finding vulnerabilities with TeraVM

Knowing where potential vulnerabilities exist is key to enabling greater and more robust security. The challenge for many is the need to validate the reliability of secure access technologies, BYOD device policies and to continually monitor security perimeter performance.
Read more with our Cybersecurity Threat Analysis use case 

Post Quantum Cryptography

The implementation of Post-Quantum Cryptography (PQC) protocols introduces additional network performance overhead, impacting end-user experience. Testing is essential for developing and deploying cryptographic systems, including PQC-based ones. Post-Quantum Cryptography aims to create secure algorithms against quantum computer threats. Testing assists in several key areas for Post-Quantum Cryptography:

  • Security Assurance
    Algorithm Resistance Testing verifies PQC algorithms' resistance against cryptographic attacks. This includes testing the algorithms under different scenarios, including those that utilize classical and quantum algorithms, to evaluate their resilience.
  • Performance Evaluation
    Computational Efficiency: Testing evaluates PQC algorithms' computational efficiency. This includes measuring encryption/decryption speed, key generation speed, and overall system performance. Ensuring the efficiency of PQC algorithms is crucial for widespread adoption in practical applications.
  • Interoperability Testing
    Integration with Existing Systems: Cryptographic systems often require interaction with established infrastructure and protocols. Testing is essential to guarantee the seamless integration of PQC algorithms into diverse systems, avoiding compatibility issues.
  • Standardization Compliance
    Adherence to Standards: testing confirms PQC algorithms' compliance with established cryptographic standards, promoting interoperability and consistent implementation across platforms.

SASE Testing

Secure Access Service Edge (SASE) is a new way for employees accessing corporate functions and data securely and efficiently from any location.

The advent of cloud deployed applications and data combined with the diverse working locations has accelerated this change.

IT organizations are faced with the conundrum of providing employees with fast secure access while ensuring the corporate data and security are not breached and the same time ensuring productivity is not hampered by poor latency, throughput and response times.

While SASE is the solution there are many deployment challenges facing corporations:

  • What is the capacity of the VPN links between SASE and private applications?
  • How much authenticated and unauthenticated web application traffic can my SASE solution handle?
  • Does the end user performance vary under different load conditions?
  • How many connections can be sustained?
  • How much traffic can be carried inside the tunnels?
  • Will redundancy work when relied upon?
  • Will everything work seamlessly across a distributed multi-Cloud platform?
  • Will latency-sensitive applications such as Teams collaboration, VoIP, media streaming, and video conferencing work on demand without service affecting issues?
  • Will a cyber-attack compromise performance while data is scrubbed?

The quickest and safest way to a secure roll out of SASE is to vigorously test in the lab.

With TeraVM SASE test you can be sure enterprise employees will receive a secure connection, operational efficiency and 24/7 access anywhere their laptop takes them.

Software & Firmware Releases

  • Repair and Calibration

    Our products live in rugged environments for over 10 years with 1000s of test connect/disconnect cycles.  We will be there to support you to ensure components that require maintenance like connectors, batteries, and software updates to ensure you are ready to test accurately for years to come. We apply factory procedures that use fast, automated calibration and functional verification, maintenance using OEM parts and the application of all engineering change orders and software updates. Services are available through contract Care plans, FleetCare or per incident as requests. 

    Top 4 Reasons to Choose VIAVI for Your Repair and Calibration Needs:

    • Minimize business disruption
    • Budget
    • Measurement Accuracy and Product Reliability
    • Measurement Compliance, TL9000 certification and OEM Standards

    Explore More

Support at Every Step

We provide support, services, comprehensive training and the resources you need. It’s all part of what we do to maximize the value of your VIAVI investment.

Let Us Help

We’re here to help you get ahead.