Spirent Communications has announced the worldwide availability of Spirent ThreatEx, a tool capable of replicating the most extreme digital attacks.

Spirent's ThreatEx simulates network attacks by creating data packets that mimic the behaviour of viruses and worms, and can be used to evaluate Firewalls and Intrusion Detection and Intrusion Prevention Systems (IDS/IPS).

ThreatEx is used by equipment manufacturers to test their IDS/IPS and firewalls during their quality assurance cycle, and by Service Providers and Enterprises to test new security devices before purchase and before deployment.

ThreatEx consists of an appliance that generates attacks and includes a large number of attacks pre-configured for use either individually or together with other attacks. Users can create variants of existing attacks or new attacks using ThreatEx Designer software. It can also automatically evaluate an organisation’s vulnerability with ThreatWalker software.

Because hackers create new attacks continuously, Spirent created the ThreatEx Knowledge Base - a web-based subscription service that hosts a dynamically updated library of known attacks. This enables organisations to keep their tests current, thus minimising risk and maximising ROI.

In addition to the cache of existing ThreatEx attacks that include Denial of Service, port scanning, port corruption, buffer overflows, packet floods, redirection, tunnelling and fragmentation attacks, Spirent has added the following capabilities to the ThreatEx arsenal:
* Attacks specific for VoIP testing - SIP, Skinny and H.323
* Protocol Fuzzing - enables users to “fuzz” any protocol created by ThreatEx for corner case tests and extensive negative traffic permutation
* 150 protocol shells for ThreatEx Designer - allows any threat to be created via a point and click environment
* Expanded performance assessment - in addition to SNMP traps, ThreatEx now includes session latency, service assessment and exploit ratio

To simulate real-life traffic with negative traffic, ThreatEx can be combined with Spirent’s Avalanche to reveal how network performance degenerates when under attack.

For companies that have limited resources, Spirent’s Global Services team can use ThreatEx to perform security audits and supplements internal capabilities with test methodology expertise so that customers can focus on their core business.

“Companies face a barrage of increasingly sophisticated digital attacks crafted to bring down their mission critical applications and e-commerce sites,” said Zeus Kerravala, vice president of Enterprise Infrastructure at the Yankee Group. “The ability to identify network and device vulnerabilities before debilitating attacks occur can make or break a business.”

“Spirent’s ThreatEx can put firms’ security defences through their paces so that IT directors can quickly discover how they would cope with the real thing,” said David Hill, vice president of EMEA, Spirent Communications. “Spirent’s ThreatEx enables companies to test the vulnerability of their network security by replicating thousands of existing digital attacks, and also create new attacks before they arise.