CTS-NTG Technology

CTS-NTG has been designed to assess network equipment for performance, security and stability. Assessing network devices becomes more complex as new technologies are developed; it requires a flexible and fast solution, with continuous integration of new protocols and threats.

CTS-NTG generates realistic legitimate and malicious traffic based on actual content to reproduce real-life scenarios.

Use Case

The following picture shows a typical test infrastructure for DDoS mitigation equipment:

CTS-NTG is plugged into switches/routers to replace real users and real servers; it handles the whole generation of traffic by simulating both clients AND servers. A test suite is run across the DUT (Device Under Test) with realistic scenarios, combining legitimate and malicious traffic in a single test to mimic an attack on the simulated network and evaluate the capacity of the DUT to mitigate attacks while letting legitimate users accomplish their tasks.

In order to perform realistic tests, we need real network data. We do our own cyber security research in our cyber security laboratory, analyzing legitimate, malicious and unknown traffic. Our aim is to understand the structures and behaviors of cyber security threats in order to improve global cyber defense.

Legitimate traffic analysis

Web protocols

Malicious traffic analysis

Network Reconnaissance / Network Scanning
Application Reconnaissance / Application Scanning
Well-known Vulnerabilities under CVE-ID, BugTraq ID, OSVDB
Well-known Exploits
Botnet: Command and Control (C&C) and Bots
L3 Denial of Service (DoS), Distributed Denial of Service (DDoS)
L4 Denial of Service (DoS), Distributed DoS (DDoS), Amplification/Reflective DoS (RDoS), Distributed Amplification/Reflective DoS (DRDoS)
L7 Denial of Service (DoS), Distributed DoS (DDoS), Amplification/Reflective DoS (RDoS), Distributed Amplification/Reflective DoS (DRDoS)

Unknown traffic analysis

Unknown Web protocols
Unknown Applications
Suspicious File

Integration to CTS-NTG appliance

Once we have identified traffic, it is added to the product database and becomes available for generation through the product's Web interface:

Reproduce realistic traffic load using the Load Profile editor.

Benefit from a large and detailed malware database to assess your security devices.

Customize every single action of your scenarios using expressions.

Real-time statistics and PDF reports: define your own reporting views.

Get detailed reporting on threat tests.

Quickly access your latest data with the Dashboard.

Testing Coverage

CTS-NTG Technology can be used to assess the following network equipment:

Wireless Access Points
Next Generation Firewalls
Web Application Firewalls (WAF)
URL Filters
Content Filters
SMTP Relays
Unified Threat Management (UTM)
WAN Accelerators
Advanced Persistent Threat (APT)
Application DPI
Load Balancers
Mobile 3G SGSN and GGSN
Mobile LTE SGW and PGW
Anti-DDoS Systems
Anti-Botnet Systems
SCADA Systems
Lawful Intercept Systems
Data Retention Systems
Public Cloud and Private Cloud.