• Application Performance
  • Cloud Performance
  • IT Infrastructure Performance
  • Managed Services
  • Modeling & Simulation
  • Conferences
  • Web Briefings
  • User Group Meetings and Seminars
  • OPNETWORK
  • Careers
  • Events and Webinars
  • Please provide us with the following information, and we will respond as soon as possible.

    First Name

    Last Name

    Email

    Phone

    Company

    State

    Country

    How can we help you?

    * All fields are required

    Additional contact information

    Related Solutions
    OPNET Modeler Accelerating Network R&D AppResponse Xpert End-User Experience, Network Monitoring and Analytics OPNET nCompass Real-Time Network Visualization and Monitoring Sentinel Network Audit, Security, and Policy Compliance
    OPNET is a leading provider of application and network performance management solutions. OPNET’s solutions deliver broad visibility and monitoring across infrastructure domains as well as deep data collection and analytics to enable powerful root cause diagnosis. These solutions have been operationally proven in thousands of customer environments worldwide, and are powerful tools for cyber security planning.

    OPNET’s product family provides an integrated, full life-cycle suite for detection, analysis, visualization and planning, including:

    • Preparing for DDOS and SQL injection attacks.
    • Preparing for, and detecting network intrusions, and data exfiltration.
    • Planning counters to network attacks.
    • Cyber wargaming to develop cyber-tactics and train personnel.

    OPNET’s products assist in a range of cyber defense and preparation activities, including regular configuration auditing to detect weakness and unauthorized network changes, modeling the impact of different cyber attacks and defenses, monitoring and operations services to provide live real-time cyber security analysis, and a training testbed to develop new tactics and train employees.

    Configuration Auditing

    Networks carry business-critical services and applications, and are required to deliver high-performance while achieving no downtime and high integrity. Understanding vulnerabilities in the network and the impact of threats is the first step towards securing your network. Due to evolving attack techniques that leverage diverse vulnerabilities, it is critical to proactively identify and fix vulnerabilities and track the overall security posture of the network.
    OPNET's network engineering, operations, and planning product suite provides a powerful framework for cyber-security analysis, network compliance, and security auditing workflows:

    • Automated vulnerability assessment
      • Evaluate and track security compliance
      • Port scan analysis to determine vulnerabilities against open ports
    • Automated security posture tracking
      • Network Differences reports analyze the impact of network changes on security posture
    • Network Vulnerability Assessment
      • Use OPNET’s survivability assessment module to understand the impact of device failures on reachability and performance
    Drill down into changes in network configuration and study their effect

    Modeling and Planning

    Studying the impact of cyber activity in both traditional and tactical networks allows you to evaluate different network configurations and their resilience to cyber attacks. OPNET’s suite is extensible to evaluate new cyber technologies, including attack, defense, and detection technologies. These cyber activities mimic realistic scenarios using OPNET’s extensive protocol and device library. These studies are executed in OPNET’s high performance discrete event simulation engine.

    1. Cyber-attack model library
    2. The cyber-attack library consists of out-of-the-box models for attacks such as distributed denial of service (DDOS), man-in-the-middle and routing attacks, and will also allow the creation of custom attack models.

    3. Cyber-defense library
    4. The cyber-defense library consists of a set of typical defensive measures used to counter attacks, such as firewall policy updates, port blocking and interface shutdown. It will also allow addition of user-generated defense measures.

    5. Cyber test and evaluation framework
    6. The cyber test and evaluation framework enables users to construct and evaluate cyber scenarios incorporating time-sequenced attack and defense patterns. This framework reports on list of attacks detected, network elements and services compromised and also provides insight into effectiveness of deployed defense measures.

    Design a hypothetical attack on a network and evaluate counter-measures

    Real-time Monitoring of Traffic and Applications

    An important component in any cyber security suite is the ability to

    • Deploy a web of agents across the network that collect network and application performance data in a tiered hierarchy
    • Define "correct" or "expected" behavior or performance of network and application components
    • Monitor network traffic, server usage, or database performance
    •  Be alerted whenever something is falling out of the pre-defined safety zone

    OPNET’s cyber suite allows you to monitor and troubleshoot your environment for possible cyber attacks. The following are some examples of monitoring that OPNET’s customers are using today.

    • Detect atypical application performance for internal and external users of your applications.
    • Measure traffic by application, user, operational division, and location.
    • Monitor live performance for all users all the time, and alert against SLA breaches.
    • Detect unexpected communication between application components.
    • Check for unexpected or malicious components in identified web pages.
    • Break down application response time into contributing sources and launch troubleshooting of root causes.
    • Analyze traffic and response time among servers to manage multi-tier applications.
    • Visualize communication within the data center and across the WAN.
    • Track database access and usage patterns of every user with forensic detail in real-time and compare this information with benchmark trends to identify suspicious activity. 

    A spike in failed TCP connections could indicate a DDOS attack

    Training

    A key part of any cyber security arsenal is the ability to simulate attacks and practice detecting and mitigating them. These activities require the creation of a testbed. This testbed should be scalable, flexible, exist before the real network is deployed, and easily manageable.  It should also not be prohibitively expensive. This testbed can be used by seasoned professionals to conduct extensive wargaming to develop new tactics, and it can also serve as an entry-level trainer for employees new to the cyber security space.
    OPNET's solution suite provides a powerful framework for a cyber-security testbed. Patented hardware-in-the-loop technology combines with an extensive protocol and model library to produce an extensible and flexible network consisting of both real and simulated devices.

    • Model hundreds or thousands of devices in simulation
    • Intersperse real devices in this network including routers, firewalls, servers, and workstations
    • Use virtual machines to add end-nodes with specific operating systems and software
    • Monitor the performance of real and simulated devices in a single dashboard
    • Launch attacks and enact defenses on both the real and the simulated devices
    • Quickly re-configure the testbed setup for new scenarios.

    Combining the cyber testbed with OPNET's large set of commercial and military protocol and device models enables testing of real scenarios, with geographically dispersed forces, a mix of tactical wireless networks as well as high bandwidth wired networks, and realistic mission traffic.

    In this scenario, an attacker runs a DDOS tool against an Apache web server running on a Linux VM