VoIP Fits in With Mu's Broad New Focus
The Mu Analyzer is designed for a proactive 'network wellness' approach to security and performance monitoring.
The company changed its name from Mu Security to Mu Dynamics in May of this year, defining a broader role for its products to address the issues of network downtime, in addition to network security-including problems that occur when multiple applications are simultaneously dumped onto the network.
Mu's solution automates a systematic and repeatable process that identifies hard-to-detect sources of potential downtime within IP services, applications, and underlying networks.
Mu is backed by leading venture capital firms that include Accel Partners, Benchmark Capital, DAG Ventures, and Focus Ventures, and also has offices in Australia, Japan and the Netherlands.
The company's flagship product, which debuted in 2005, is named the Mu-4000 Analyzer; is designed to characterize the reliability, availability, and security of networked products and applications. The Mu-4000 is a self-contained, rack-mountable appliance that can be configured and managed via a Web-based graphical user interface. Alternatively, it can be controlled using any scripting language via a remote automation interface, thus allowing seamless integration with testing frameworks.
For VoIP Implementations, the Mu-4000 supports a number of protocols, including: H.323/H225.0/H.245 call signaling; the Session Initiation Protocol (SIP), including IP Multimedia Subsystem (IMS) endpoint functionality; the Media Gateway Control Protocol (MGCP), including the Network-based Call Signaling (NCS) profile; H.248/Megaco with the IMS profile; RTP/RTCP; plus several dozen other protocols that are required for typical VoIP implementations.
The system can be deployed for testing at a number of key network junctures, including-
- the network core-testing core routers, SIP servers, Session Border Controllers (SBCs), SIP and IMS endpoints, plus Digital Subscriber Line Access Multiplexers (DSLAMs)
- the network backbone-testing routers, SIP proxies and firewalls
- customer premises equipment endpoints for either enterprise applications-testing switches, edge routers, SBCs, IP PBXs, and IP phones-or residential applications-testing VoIP gateways, home gateways or IP phones
For example, the SIP implementation of a Session Border Controller can be tested on its operational ports, as well as other related protocol implementations on that device, such as HTTP, FTP, and Telnet. Since this testing can be automated, test scenarios can be run quickly and without human intervention, isolating any faults that are uncovered and documenting these on a chosen monitor, such as a serial console, syslog, or via Telnet.
The Mu-4000 supports three key network functions for VoIP networks: protocol and packet-level analysis, performance and quality of service (QoS) monitoring, plus traffic simulation and network stress testing.
For protocol and packet level analysis, the Mu-4000 generates millions of service -level traffic variations in a wide range of VoIP, IPTV, IMS and other widely used application protocols. These variations embody a vast amount of knowledge gleaned through examining fundamental vulnerability patterns across protocols, by generalizing publicly known vulnerabilities, and by using the company's own security expertise. These service-level traffic variations use protocol mutations designed to undermine the reliability and availability of an application, product, or service, and therefore expose any underlying weaknesses.
For performance and QoS monitoring, the system generates different kinds of service traffic, and then monitors the network to ensure that it is performing according to expectations. The Mu-4000 collects response time data, and plots any faults found in context of the observed response-time trend lines (see Figure 1). These service assessment results (such as specific hard faults, response-time degradation, momentary outages, etc.), represent issues that could lead to network downtime, and by remediating them as early as possible in the deployment life cycle, network operations can be improved.
The Mu-4000 can also provide traffic simulation and network stress testing, using a Denial of Service (DoS) Analysis Module which allows characterization of the effects on a service when simulated network and application traffic is sent at specific rates (see Figure 2). The DoS module provides insights into the reliability, availability and security of the service in the face of either malicious DoS attacks, or extreme amounts of valid service-level traffic. Over 40 templates are shipped with the Mu-4000 representing well-known attacks, including the SYN flood, SIP INVITE DoS, Slammer Worm, Ping of Death, and others.
Further details on the Mu Dynamics architecture and products can be found at www.mudynamics.com. Our next tutorial will continue our examination of vendors' network management architectures.
Mark A. Miller, P.E., is President of DigiNet Corporation, a Denver-based consulting engineering firm. He is the author of many books on networking technologies, including Voice over IP Technologies, and Internet Technologies Handbook, both published by John Wiley & Sons.
Article courtesy of Enterprise VoIP Planet, © 2008 DigiNet Corporation, All Rights Reserved