CyberFlood Security Testing Solution First to Offer TLS 1.3 with Advanced Fuzzing
SAN JOSE, Calif., Sept. 14, 2017 – Spirent Communications plc (LSE:SPT) today announced an update to its flagship security testing solution, CyberFlood, making it the industry’s first security test product to support TLS 1.3, a new encryption protocol that will improve security and privacy for internet users everywhere. This CyberFlood Advanced Fuzzing update provides support for TLS 1.3 draft-19, draft-20, and draft-21 — a capability Spirent was the first to demonstrate in July 2017 at Black Hat USA.
Transport Layer Security (TLS) is the underlying technology that enables secure communication between web browsers and servers on the internet. Customers are anticipating TLS 1.3 because of the dramatic improvements in efficiency and security it will bring, optimizations to help address the rising tide of performance-slowing encrypted internet traffic and the fact that the last encryption protocol update was standardized nearly a decade ago. The current version, TLS 1.2, is supported by most browsers and HTTPS-enabled web services. Spirent is enabling its customers to be TLS 1.3-ready by supporting early drafts of the new standard prior to ratification. The Internet Engineering Task Force (IETF) standards body is expected to finalize TLS 1.3 later this year.
“TLS 1.3 encryption represents a significant leap forward in both security and performance for web communications,” said Scott Crawford, research director, information security, 451 Research. “By implementing and testing TLS 1.3 in their solutions, vendors can begin offering better protection for the high-value data often communicated by internet products and services against cyber-attacks that have evolved since the previous standard was ratified.”
With CyberFlood v17.2.1, network equipment manufacturers and service providers as well as others implementing this new standard will be able to test and validate their TLS 1.3-supported network devices and endpoints before going to market, thereby protecting their customers from vulnerabilities and software defects — even before TLS 1.3 is officially ratified as a market standard.
“As the first to market with fuzz testing for TLS 1.3, Spirent is extending its leadership in security testing and validating the way the world communicates,” said David DeSanto, director of products and threat research at Spirent Communications. “The industry is ripe for an encryption protocol update, and our customers are relying on Spirent to provide them with the realistic preemptive intelligence that ensures their TLS 1.3 implementations are stable, reliable and secure before they go to market.”
Security and Performance
CyberFlood expands its performance with support for the Spirent C100-S3 appliance with 100G (NIC-64). This combination allows CyberFlood to provide line-rate performance testing to validate next-generation higher-speed Ethernet security and network infrastructure solutions. With up to 150 Gbps of application traffic capacity and over 70 million open connections on a single appliance, the C100-S3 combined with CyberFlood gives users the needed performance and test capabilities to prove out data-center and carrier-class networking solutions.
CyberFlood extends its mixed traffic testing capabilities, allowing users to increasingly stress their network devices and infrastructure. CyberFlood Throughput with Mixed Traffic allows users to customize included protocols as well as custom configure SSL/TLS settings. The result is near line-rate mixed application and protocol traffic testing with strong encryption and cipher suites while maintaining over 60 percent encrypted communication.
CyberFlood v17.2.1 is available today to Spirent’s customers via a simple upgrade that is downloadable from the Spirent Customer Support Center.