SigmationLab>>
Security Test

The SigmationLab provides security test under various network environment for security verification and monitoring. The supported mainstream network safety test and analysis cover port scanning, DOS/DDos, buffer overflow, SYN flooding, fragment, application layer protocols attacks (SIP, HTTP/HTTPs, FTP, SMTP/POP3, Telnet), network virus, worms, trojan attacks on local system/network deceiving (phishing, Mac address spoofing, DNS spoofing), and OS attacks.

The SigmationLab security test solution is designed for safety assurance test and the network product safety test within the network of safety product/network device vendors/users and the application system providers. The solution can be used for hardware firewall, content firewall, IDS/IPS products, IPSec VPN products, host firewall software and all application servers such as the Web server and database server.

To guarantee the real attacking effect and verify the product stability and performance under continuous large scale attack, the SigmationLab security testers adopt the strategy of professional test device + real attack tools + the Sigma-RT security test tools to stress the network product with real large scale security test traffic.

How we do the test:
  • Test if the device under test (DUT) can defend popular known network security vulnerabilities and newly emerged threats
  • Test if the DUT can defend the known and potential malicious attacks against itself;
  • Stress the DUT for proper data transmission capability under the environment full of known virus and attacks
  • Conduct simulation test with large scale combination of valid traffic, known virus and potential threat
  • Network latency, packet drop and fragmentation test at real attacks
  • Test the transmission capability of blended traffic stream (language, video and data) at real attack state
Key Technology
  • The vulnerability scanning covers TCP/IP Layer 2, 3, 4, such as ICMP, TCP, SNMP, CGI, MSRPC packet scanning
  • Support popular protocol attacks
  • Daily updated vulnerability library
  • Support SQL Injection
  • Over 10,000 monitorable security vulnerabilities and this number is growing day by day
  • Support concurrent sending of various attacking packets
  • 802.11x, SSL, IPv6 support
  • Support Unix, Windows and Linux OS vulnerability scanning
  • Large scale real traffic generator
  • Rich vulnerability scanning techniques and scanning modes
  • Non-standard port identification
  • Multi-service scanning