Network testing, as the term implies, is the testing of a network to ensure that the network configuration is working as designed. Netbeez rightly adapts the definition of software testing by Wikipedia to network testing and states that “Network testing is an investigation conducted to provide stakeholders with information about the quality of the product or service under test. Network testing can also provide an objective, independent view of the network to allow the business to appreciate and understand the risks of network implementation.”
Table of Contents:
1. When should network testing be done?
2. Network testing tools
3. Challenges faced while testing networks
4. What is Network Security Testing?
The predominant purpose of a network is sharing of resources efficiently, it is very important to undertake periodic network testing with reliable network testing tools. This is, as manageengine states, in order to:
- Understand the condition/state of the network
- Make sure that the configuration changes function as expected
- Detect crippling attacks to the network and
- Provide superior quality end-user experience
Network testing is rather similar to software testing except that the former must happen in a production environment, following a configuration change.
When should network testing be done?
Network testing ought to be run ad-hoc as well as at all times by means of active network monitoring in order to detect problems in the network as and when they happen. Ad hoc network testing is undertaken to post a configuration change to validate whether everything went as expected.
Netbeez lists a few situations in which the design and implementation assumptions can be validated after a configuration change:
- Circuits or site turn-up: When a new remote site or WAN link is installed, tools like iPerf help ensure that the required bandwidth of the carrier is made available and tools like ping help confirm that the circuit suffers no packet loss. Also, one must test the MTU (Maximum Transmission Unit) allowed in a new site.
- Routing policy change: Given the complexity of the network, large networks pose a high risk of a routing policy change causing unexpected consequences on the routing table. Ping and traceroute tests run by distributed monitoring agents (full-mesh fashion) help validate in real-time that a routing policy change is changing the routing table only as expected.
- Updates of Firewall rules: It is advisable to verify if a new firewall ruleset for blocking, or allowing, certain traffic is successfully implemented. Using nmap, a port scanner, or performing a ping test based on TCP from the unprotected to the protected network can help verify a successful update of a firewall.
- Quality of Service (QoS): Since applying a QoS configuration to the network is a complex task, given the many different dependencies, testing is critical to verify if the network properly classifies, marks and queues traffic.
- Network speed tests: While evaluating end-user experience, measuring the download and the upload speed to the internet is very important. There are open-source utilities, such as iperf, as well as commercial utilities to measure network speed.
Terminal is one of the tools, for a start, that can be employed for network testing. Be it a Unix/Linux, Windows, or Mac environment, the command-line interface (CLI) provides plenty of utilities, including ping and traceroute, that can help perform network validation. However, the snag with the CLI is that it is local and not distributed. Since it does not scale nor does it provide historical data, one is at a disadvantage while using CLI. This is why, as Netbeez states, a distributed, GUI-driven testing solution is necessary, which runs network testing commands simultaneously on many hosts and stores the results for historical review.
Network testing tools
Network testing tools are a collection of tools that help measure the performance of different aspects of a network. These tools include ping, SNMP ping, traceroute to WMI query tool and more.
Challenges faced while testing networks
Time is a critical factor when it comes to network testing. The procedures involved require a lot of time and resources, even if it is a small network.
Manageengine.com points out some of the challenges faced by an IT administrator while performing network testing, be it a large or small network.
- Network tests can be very demanding in terms of the amount of resources and manual effort.
- When there are several networking testing tools employed, then each tool needs to be launched and stopped separately to perform each network test: this is tiresome and time-consuming.
- The network testing tools require allocation of storage, clearing of cache, starting and stopping of services, and ensuring that ports are open. Such management of multiple tools in itself is a daunting task.
What is Network Security Testing?
A means of testing security controls across a network to spot vulnerabilities and to determine risks is Network security testing. The testing medium could be wireless, phishing emails, ethernet, hardware/IoT, physical access, or Dropbox placement, but the end result is network access to protected data or systems.
As secureworks.com points out, the goals of testing differ: network testing can be used to validate security defences, meet mandates of compliance and test the security controls of any type of electronic data. Some of the common tests include:
- Vulnerability Assessment
- Penetration Testing
- Specific network tests, such as Wireless Network Penetration Testing
- Red Team Testing
- Application Security Testing
We see new technology platforms raising new security complexities, and therefore, IT and security teams too needs to gain new expertise and tools while also seeking out independent testers for performing reviews.
Heightened security postures are deemed necessary owing to the highly sophisticated forms of threat and increased business risk. In response, the Hurix IT teams are testing without much scope restriction and partnering with highly skilled vendors. At Hurix, we also offer network testing features in a browser-based interface.