During the week of Network Field Day 6, Spirent announced the Avalanche NEXT product line. Our first NFD6 session was at Spirent’s office in Sunnyvale.
Last time I used Spirent products (admittedly about 10 years ago), the interface was a complex, clunky Windows application. You had to hand-craft frames that would have (at best) a very predictable value iteration in various packet fields (increase a payload field by “1” or “2” per packet). Frankly, this didn’t work well. TCP sessions didn’t work at all, and simulating more than a couple flows simultaneously was so time-consuming that it had no value. You could test raw throughput, but nothing (helpful) above layer 3.
While I realize that Spirent’s products have evolved in the interceding decade, the introduction of the Avalanche NEXT brings a lot of changes.
I’m totally ignoring speeds and feeds, because while the Avalanche NEXT has an impressive array of super-high capacity ports available, it’s basically what you’d expect. If the platform couldn’t do lots of 10G, or a good amount of 40G, or event some 100G it would have missed the mark for requirements of high-end environments and equipment manufacturers. So it does that stuff.
What was really innovative, I thought, was the interface. In an enormous departure from the Spirent I used years ago (and even some more recent products based on other screenshots on their web site), the Avalanche NEXT platform uses an all browser-based, very slick, HTML5 interface. This interface made it incredibly simple to select, customize, or even scratch build a complex suite of tests. Sliders and dynamic pie charts made modifications to traffic mix and specific application parameters very easy. A few drags and clicks and you had an extensive scenario pumping bits.
Notice I said “application parameters”… The Avalanche NEXT system can simulate real protocols and even specific applications (even to the level of specific Facebook apps and such). This lets you build a real-world traffic mix that can test not just application throughput, but other more advanced features like context awareness for next-generation or Web Application Firewalls. It could be used to test content filtering or logging platforms, or load balancers as well. Advanced layer 4-7 testing capabilities mean you can test advanced layer 4-7 solutions! Very cool stuff.
Pictures are worth a thousand words, so I recommend checking out this 2 minute product tour at Spirent’s website.
Further, Spirent explained that their TestCloud service — the online “app store” database of applications/protocols, attacks, and malware patterns — will be continually updated. I asked about the possibility of a community arrangement where users can share tests they’ve written as well, and the presenters said that was under consideration.
The ability to test real-world examples of applications is pretty huge for modeling, baselining, verifying vendor datasheets, or examining scalability of virtual network appliances. Also, the Spirent team confirmed that the product will be capable of ingesting a PCAP or other capture file and basically templating application flows from it to mimic many clients using an application that may not be present in the online database. In a former life where I had to try to do analytical modeling of custom-written application performance over a WAN, extrapolating the experience of a single user to determine how the network would behave with 1500 users, I would have killed for this thing.
Also very interesting were the security capabilities of the product. The TestCloud will also have vulnerability profiles that can be used for attacks, and the product can do fuzzing attacks to prod for new zero-day issues. Malware emulation is another option, which could be used to simulate a virus outbreak and test response from IPS, SIEMs, etc. Security vulnerability scanning is not so ground-breaking, but it’s a good way to extract additional value from what could be a substantial investment. Also, a laptop running a commercial vulnerability scanner can’t simulate a DDoS or emulate an entire enterprise worth of infected machines trying to compromise a server.
So is it all rainbows and unicorns for the Spirent Avalance NEXT? Not quite. I was disappointed to learn that there’s nothing on the radar right now in terms of flow import. It would be nice to be able to take a cross-section of actual flow data (NetFlow or similar) and use that to build test cases that closely mimic a real data mix in a specific environment. Also, the interface, while very slick already, was definitely a bit green. For example, it was not yet possible to build test profiles that had more than a ramp-up, steady state, and then ramp-down. The product team assured us UI enhancements were coming.
Then there is the elephant in the room. Cost, cost, cost. Spirent didn’t want to go into the pricing during the NFD video session, but off camera they gave us an idea of what the hardware appliances will ballpark for and it would be a healthy investment for any company.
They do offer rental/leasing programs as well as a professional services division that can assist with testing and bring equipment, so a company could basically commission a test to be performed to their specs without having to invest directly in the product or training. This helps, but I can readily say that unfortunately out of 100+ customer environments I have worked in over the last 5 years, maybe one would be a real candidate to pony up for the initial components of Avalanche NEXT. The datasheet also indicates a forthcoming portable 1G/10G appliance that I’m really hoping will be more approachable for the mid-market. That may not be as useful for huge-scale throughput testing but could still be helpful for many of the other infrastructure testing capabilities I mentioned above.
If Spirent’s new offering sounds intersting, I recommend watching the recorded video sessions from NFD6 which included some great discussion and also some additional demos of Avalanche NEXT. Avalanche NEXT is slated for GA release this month.
Spirent was a sponsor of Networking Field Day. In addition to a presentation, Spirent provided me lunch, a battery powered clock, and plenty of Red Bull. At no time did they ask for, nor where they promised any kind of consideration in the writing of this review. The opinions and analysis provided within are my own and any errors or omissions are mine and mine alone.