Juniper wanted to identify “an issue before it caused real problems. If it goes undetected until it’s deployed and it crashes in the [provider’s] network, you’re both in firefighter mode,” said Avishai Avivi, senior director of DPI at Juniper. Juniper was looking for something that was easy to use, automated and effective at exposing the underlying software weaknesses, or flaws, that make networked applications subject to new forms of attack.

Testing Requirements

Juniper’s goal was to enhance the security analysis lifecycle of its design and development work and improve its effectiveness in proactively identifying and isolating both network-level and application-level attacks and updating its ability to defend against such attacks.

Challenges

It used to be you had to have someone constantly monitoring the test in case it failed. And then you didn’t know exactly where and had to analyze it and manually restart the test.

In addition, to analyze protocols Juniper was relying on open-source “fuzzing” tools, which “were only as good as the people who wrote them,” said Avivi. And their “coverage was fairly limited.”

Solution

To ensure a high level of ongoing security with both new products and updates to existing platforms, Juniper added the Mu Dynamics testing solution to its pre-release testing efforts. It is using our solution as an automated regression test bed for products across various groups within the company. The test coverage also extends to denial-of-service attacks, which Juniper uses to assess how its intrusion detection and deep packet inspection devices react to them.

Results

With Mu Dynamics, they can run millions of tests:

• Quickly
• Accurately
• and repeatedly

There are some real cost savings. There’s the reduction of labor, but the bigger part of the cost savings may be harder to measure, but is even more important – it comes from the proactive identification of potential vulnerabilities and eliminating them prior to rolling out a new release.