Mu Dynamics, headquartered in Sunnyvale, California, is a provider of proactive
service assurance solutions that are designed to eliminate the high cost of service,
application, and network downtime.
The company changed its name from Mu Security to Mu Dynamics in May of
this year, defining a broader role for its products to address the issues of network
downtime, in addition to network security-including problems that occur when multiple
applications are simultaneously dumped onto the network.
Mu’s solution automates a systematic and repeatable process that identifies
hard-to-detect sources of potential downtime within IP services, applications, and
The company targets enterprise organizations, network service providers,
telecommunications companies, and network equipment manufacturers as their market, and
has deployed its Mu solution at more than 100 locations.
Mu is backed by leading venture capital firms that include Accel Partners, Benchmark
Capital, DAG Ventures, and Focus Ventures, and also has offices in Australia, Japan and
The company’s flagship product, which debuted in 2005, is named the Mu-4000
Analyzer; is designed to characterize the reliability, availability, and security of
networked products and applications. The Mu-4000 is a self-contained, rack-mountable
appliance that can be configured and managed via a Web-based graphical user interface.
Alternatively, it can be controlled using any scripting language via a remote automation
interface, thus allowing seamless integration with testing frameworks.
For VoIP Implementations, the Mu-4000 supports a number of protocols, including:
H.323/H225.0/H.245 call signaling; the Session Initiation Protocol (SIP), including IP
Multimedia Subsystem (IMS) endpoint functionality; the Media Gateway Control Protocol
(MGCP), including the Network-based Call Signaling (NCS) profile; H.248/Megaco with the
IMS profile; RTP/RTCP; plus several dozen other protocols that are required for typical
The system can be deployed for testing at a number of key network junctures,
- the network core-testing core routers, SIP servers, Session Border
Controllers (SBCs), SIP and IMS endpoints, plus Digital Subscriber Line Access
- the network backbone-testing routers, SIP proxies and firewalls
- customer premises equipment endpoints for either enterprise
applications-testing switches, edge routers, SBCs, IP PBXs, and IP phones-or
residential applications-testing VoIP gateways, home gateways or IP phones
For example, the SIP implementation of a Session Border Controller can be tested on
its operational ports, as well as other related protocol implementations on that device,
such as HTTP, FTP, and Telnet. Since this testing can be automated, test scenarios can be
run quickly and without human intervention, isolating any faults that are uncovered and
documenting these on a chosen monitor, such as a serial console, syslog, or via
The Mu-4000 supports three key network functions for VoIP networks: protocol and
packet-level analysis, performance and quality of service (QoS) monitoring, plus traffic
simulation and network stress testing.
For protocol and packet level analysis, the Mu-4000 generates millions of service
-level traffic variations in a wide range of VoIP, IPTV, IMS and other widely used
application protocols. These variations embody a vast amount of knowledge gleaned through
examining fundamental vulnerability patterns across protocols, by generalizing publicly
known vulnerabilities, and by using the company’s own security expertise. These
service-level traffic variations use protocol mutations designed to undermine the
reliability and availability of an application, product, or service, and therefore expose
any underlying weaknesses.
For performance and QoS monitoring, the system generates different kinds of service
traffic, and then monitors the network to ensure that it is performing according to
expectations. The Mu-4000 collects response time data, and plots any faults found in
context of the observed response-time trend lines (see Figure
1). These service assessment results (such as specific hard faults, response-time
degradation, momentary outages, etc.), represent issues that could lead to network
downtime, and by remediating them as early as possible in the deployment life cycle,
network operations can be improved.
The Mu-4000 can also provide traffic simulation and network stress testing, using a
Denial of Service (DoS) Analysis Module which allows characterization of the
effects on a service when simulated network and application traffic is sent at specific
rates (see Figure 2). The DoS module provides insights into the
reliability, availability and security of the service in the face of either malicious DoS
attacks, or extreme amounts of valid service-level traffic. Over 40 templates are shipped
with the Mu-4000 representing well-known attacks, including the SYN flood, SIP INVITE
DoS, Slammer Worm, Ping of Death, and others.
Further details on the Mu Dynamics architecture and products can be found at www.mudynamics.com. Our
next tutorial will continue our examination of vendors’ network management