Maxwell Network Emulator Products and Solutions
Specifications

Standard Impairments:

  • Drop/Loss, Duplicate, Delay (latency), Rate Limiting, Jitter, Re-order, and/or Burst Errors

Protocol Impairments:

Protocol impairments test the ability of the destination device to respond properly to malformed and/or unexpected packets, and thus test the robustness and vulnerability of the device to security threats.  For example:
  • Change the source IP address to all ones (broadcast)
  • Remove all data from selected UDP packets (resulting in a malformed packet)
  • Append random data to the end of the message without adjusting Content Length
  • Create IPv4 or IPv6 fragments that contain missing or overlapping fragments

Stateful Impairments:

Maxwell performs stateful impairments.  Maxwell can track the conversation between two network devices over a period of time.  At a certain point in the protocol conversation, Maxwell can introduce an impairment to test if the receiving device responds correctly.  The TCP Flash demo is a good example.

Since Maxwell examines both incoming and outgoing packets, more paths through the code can be tested and more network vulnerabilities and failures uncovered.

In contrast to static packet filtering, in which only the headers of packets are checked, stateful tracking analyzes the entire packet, protocol and payload, and can make impairments based on intelligent criteria, helping the user uncover difficult bugs.

User Programmable Impairments:

In addition, the user can create his/her own customized network, packet, or protocol impairments and use Maxwell’s Plugin facility to add these impairments by creating a program in C or C++. Sample templates are included.

You can customize an impairment for a particular situation, e.g. legacy protocol
 

Multiple FLows


Multiple Flows:

Maxwell performs its standard, protocol, and user programmable impairments on multiple flows.

A typical network device or application typically receives multiple flows of traffic concurrently.  These network flows originate from multiple sources.  Maxwell supports multiple flows concurrently to permit the user to apply different impairments to different sets of packets.  All of these variables are user selectable allowing you to quickly and easily create the problems your device will be exposed to in the real world.

Multiple Flows over Time:

Standard, protocol, and/or stateful impairments can operate over minutes, days, or weeks.  The device's behavior could be sampled, before, during, and after this time period to determine if actual behavior was consistent with expected behavior.  Maxwell can apply a full range of statistical distributions to all these impairments over an extended time period.

Easy Set-Up with Minimal Configuration:

Since Maxwell operates like a bridge, you can quickly and easily set it up with your device(s).  Because it is not a router, you do not have to change your topology or reconfigure addresses.  There is no requirement for understanding complex routing protocol and configuration options.  Maxwell is completely invisible to your devices.

Wide Range of Network Topologies:

Maxwell can be used in a variety of network topologies, so you can set things up to replicate a customer's network, or to accommodate your lab environment.  Two Ethernet ports are provided for the bidirectional flow of traffic; the third Ethernet port serves as the control interface.

Test lab set-ups can include LANs, WANs, VLANs -- tagged and untagged.  Example test configurations are available in the Maxwell User Guide.

Single User - Multiple Flows:

Maxwell handles multiple, concurrent, flows of network traffic.  Maxwell introduces its impairments while multiple devices concurrently send and receive packets. 
  • There is no theoretical limit to the number of concurrent flows; Maxwell is only limited by available memory.
  • The graphical user interfaces offers two to 64 bidirectional flows.
  • More flows are available via plugins.

Remote Access:

  • Command line interface
  • VNC remote control (allows you to view and interace with Maxwell using a VNC viewer)
  • Remote control and operation via programs written in Java, Perl, or Python
  • Remote access via Telnet or SSH

Manipulating Contents of Headers and Payload:

  • Create a packet and selectively insert it into the flow
  • Dynamically create and change distinct flows of packets
  • Inspect packet headers to select packets for modification (ability to filter on any criteria)
  • Rewrite packet headers
  • Rewrite packet data
  • Select and modify packets based on:
    • The content of that packet
    • The content of predecessor packets
    • The content of packets in other flows
    • The mathematical model of the packet flows
    • The position in the protocol handshake

Application Insertion:

  • Incorporate an application running inside Maxwell
  • Use that application to substitute for one end of the network flow
  • Examples include Asterisk (open source PBX)
  • Inject traffic as part of the internal application

Packet Filters:

  • IPv4 source address
  • IPv4 destination address
  • IPv6 source address
  • IPv6 destination address
  • TCP/UDP Source port
  • TCP/UDP Destination port
  • Protocol (any)
  • All packets / no packets
  • Source MAC address
  • Destination MAC address
  • MPLS label
  • VLAN tag
  • DSCP (Differentiated Services Code Point)
  • Bit Pattern anywhere in the packet
  • MAC Address
  • Apple talk
  • XNS
  • BACnet/IP

Reports and Log Files:

  • Track the number of incoming and outgoing packets for each interface and each flow
  • User selectable packet details based on criteria
  • User selectable packet "fate" based on impairments (e.g. 17 packets were dropped)
  • Modifications applied to flows
  • Statistics per flow per interface
  • Optional date and time stamped for correlation with other systems and tools

Statistical Application of Impairments:

  • As a function of predecessor packets (coupling)
  • As a function of a time interval
  • As a function of the packet arrival time withint the time interval (slew)
  • The extent of the impairments can be defined by the user:
    • The lower and upper limits of the start and end time
    • The type of statistical distribution
    • The type of deviation
    • The choice of piecewise or categorical functions

Modification to Packets:

  • Unlimited modification possibilities via plugins
  • All packet filters can also be modified (see Packet Filters)
  • Special sets of protocol modifications (SIP, TCP, UDP, IPv4, IPv6, ICMP, DHCP) are available
  • Full fragmentation

Packet Analyzer:

  • Industry standard "Wireshark" Network Protocol Analyzer
  • 759 protocols supported
  • Highlight and color packet summary information
  • All or part of captured network trace may be saved
  • Inspect data while session is in progress

Packet Capture and Replay:

  • TCPdump (libpcap):
    • Capture and save packet data from a live session to a file
    • Read packets from the file rather than the network interface
  • TCPreplay:
    • User previously captured traffic in libpcap format
    • Classify traffic and rewrite Layer 2, 3, and 4 headers
    • Replay traffic back on the network
    • Replay at arbitrary speeds
    • Flowreplay - emulate a network client using a pcap file

Other:

  • Full support of jumbograms
 
Terms of Use -  Privacy Policy -  Trademarks
©2001 - 2009 InterWorking Labs, Inc. ALL RIGHTS RESERVED.
For more information, please contact InterWorking Labs.