There’s a new paradigm for navigating the dynamic realities of distributed cloud environments, where applications and services have access to a wide range of resources within private, public and hybrid clouds: Trust no one.
That’s the approach taken by zero-trust network access, or ZTNA. Nothing is trusted; everything is verified. Security is based not on defined perimeters, but on identity, and any lateral network movement is restricted. All of that is well and good for the cybersecurity part of the equation, but what about network equipment manufacturers (NEMs) that need to test the performance and security of their offerings in distributed zero-trust environments?
Keysight Technologies has introduced what it says is the first instantly scalable zero-trust test solution. The newest iteration of its software CyPerf, version 2.0, replicates real-world traffic that mirrors actual deployments. It also enables enterprise IT teams to proactively test their distributed networks to ensure optimal performance and security as new devices, tools and applications are added.
Here are some of the highlights.
- High realism — CyPerf emulates real users, applications and attacks to replicate a real-world environment. It generates both legitimate traffic mixes and malicious activities across a complex set of proxies, software defined-wide area network (SD-WAN) devices, identity providers (IdP), secure access service edge (SASE) nodes, virtual private network (VPN) tunnels, transport layer security (TLS) inspection devices, elastic load balancers, containerized networks and web application firewalls.
- Native authentication — The software supports authentication and authorization with the ability to send application and security traffic over authenticated sessions at high scale.
- High scalability — CyPerf supports millions of concurrent users and millions of connections per second that elastically scale to enable resiliency and chaos testing, as well as validation of VPN scale and performance.
- Containerized traffic agents — The software deploys lightweight agents as containerized pods to support a range of on-premises or managed Kubernetes deployments. Traffic agents can also be deployed as virtual machines (VMs) or public cloud instances (Amazon Web Services, Google Cloud Platform and Azure).
- Events — The software allows generation of specific events to test monitoring, logging, orchestration and incident management for ZTNA.
- Pre-deployment lab and live network testing — CyPerf creates a digital twin of users, apps and threats that scales vertically and horizontally to assess performance. It automatically adjusts to achieve high performance and reach set goals within the given test conditions without user intervention.
CyPerf is a subscription-based solution with a cloud-native graphical user interface management dashboard. Keysight offers a free test drive of the software, which can be accessed here.