VPN Client Emulation and SASE Test

Emulating the leading VPN vendor clients

Defining the correct balance of security policies for a VPN client is essential in ensuring network security and the ability to deliver a reasonable level of Quality of Experience for the tunnelled application.

VPN Client Emulation

Test With Real VPN Clients

TeraVM can be used to act as many individual users on a network, including VPN based users such as Cisco AnyConnect SSL VPN clients with applications, Cisco AnyConnect IPsec VPN clients with applications. This is not ‘simulation’ of VPN traffic, but rather TeraVM acting as real remote workers making many individual valid connections on Cisco FTD/ASA and sending and receiving application flows. TeraVM measures both performance of VPNs and applications in real time. TeraVM also emulates and measures other VPN clients at scale.

Please e-mail tvm@viavisolutions.com to talk with the VIAVI TeraVM VPN team, or request immediate access to demo video

Emulating the leading VPN vendor clients

  • Cisco
    • AnyConnect SSL VPN client (both ASA and IOS/ASR1k variants)
    • AnyConnect IPSec IKEv2 VPN client (both ASA and IOS/ASR1k variants)
    • Cisco AnyConnect VPN Testing
  • F5
  • Fortinet
    • FortiGate SSL/TLS client (includes certificate authentication)
  • Huawei 
  • Juniper
    • Network Connect client (ESP/SSL, with Realm assignment)
  • Palo Alto Networks
    • Global protect VPN client
  • Pulse Secure

Understanding VPN Client Performance

Testing secure sever gateway performance is not only dependent on the performance of the tunnel establishment, but also the ability to test application performance e.g. video, voice and data in the configured tunnels. In addition for users to debug application based issues they will require unencrypted packet captures.

Per Flow Enables Unique Applications Per Each and Every VPN Client

Our stateful VPN clients are used to represent real-world scenarios where each VPN client is unique. In addition, the per flow architecture is used to enable emulation of a number of concurrent applications such as voice, video and data being encrypted in the tunnel.

VPN Emulation Use Case

A sample usage scenario is to emulate real IP Phones; establish connectivity with a Call Manager/firewall using TLS sessions and traverse RTP using SRTP. VIAVI is used to emulate thousands of unique VPN clients, providing performance measurements in real time per; MAC, DHCP V6/V4 session establishment, individual TFTP registration with Call Manager, individual parsing of TFTP information per emulated VoIP end point model, SIP/TLS session, RTP/SRTP session with Call Manager.

Targeted Device Testing

VIAVI is used extensively in testing performance of secure VPN appliance, enterprise call management devices, firewalls, IMS Session Border Controllers and layer 4-7 application scalability.

SASE Testing

Secure Access Service Edge (SASE) is a new way for employees accessing corporate functions and data securely and efficiently from any location.

The advent of cloud deployed applications and data combined with the diverse working locations has accelerated this change.

IT organizations are faced with the conundrum of providing employees with fast secure access while ensuring the corporate data and security are not breached and the same time ensuring productivity is not hampered by poor latency, throughput and response times.

While SASE is the solution there are many deployment challenges facing corporations:

  • What is the capacity of the VPN links between SASE and private applications?
  • How much authenticated and unauthenticated web application traffic can my SASE solution handle?
  • Does the end user performance vary under different load conditions?
  • How many connections can be sustained?
  • How much traffic can be carried inside the tunnels?
  • Will redundancy work when relied upon?
  • Will everything work seamlessly across a distributed multi-Cloud platform?
  • Will latency-sensitive applications such as Teams collaboration, VoIP, media streaming, and video conferencing work on demand without service affecting issues?
  • Will a cyber-attack compromise performance while data is scrubbed?

The quickest and safest way to a secure roll out of SASE is to vigorously test in the lab.

With TeraVM SASE test you can be sure enterprise employees will receive a secure connection, operational efficiency and 24/7 access anywhere their laptop takes them.

TeraVM Security - Knowing your Security Vulnerabilities

Find out more information