Fortinet black logo

Handbook

Features and Benefits

Copy Link
Copy Doc ID 1eee771d-afba-11ea-8b7d-00505692583a:839782
Download PDF

Features and benefits

FortiTester is a network traffic test tool that is based on Fortinet's specialized hardware and software platform. It provides performance tests, security tests, and ATT&CK tests.

Performance tests

HTTP CPS test

FortiTester tests HTTP new connections per second (CPS) performance by simulating multiple clients that generate HTTP traffic.

HTTP RPS test

FortiTester tests requests per second (RPS) performance by simulating multiple clients that generate HTTP traffic.

HTTP CC test

FortiTester tests HTTP concurrent connection (CC) performance by simulating multiple clients that generate HTTP traffic. All connections include a TCP three-way handshake, a loop of HTTP requests and responses (complete HTTP transaction), and close the connection with TCP FIN.

HTTP throughput test

FortiTester tests HTTP throughput performance by simulating multiple clients that generate HTTP traffic.

HTTPS CPS test

The HTTPS CPS test is almost the same as the HTTP CPS test, except that it uses HTTPS traffic, and does not have the Limit by option; also, the MTU is editable.

HTTPS RPS test

The HTTPS RPS test is the same as the HTTP RPS test, except that it uses HTTPS traffic, and does not have the Limit by option; also, the MTU is editable.

HTTPS CC test

The HTTPS CC test is the same as the HTTP CC test, except that it uses HTTPS traffic and the MTU is editable.

HTTPS throughput test

The HTTPS Throughput test is the same as the HTTP Throughput test, except that it uses HTTPS traffic and the MTU is editable.

IPsec remote access test

FortiTester tests IPSec remote access by establishing a remote access IPSec tunnel, completes a full set of HTTP transactions (TCP connection, HTTP request, HTTP response, TCP connection close) through the tunnel, and terminates the tunnel.

IPsec remote access CC test

FortiTester tests IPSec remote access tunnel concurrent connections (CC) by establishing a remote access IPSec tunnel, completes a full set of HTTP transaction (TCP connection, HTTP request, HTTP response, and TCP connection close) through the tunnel, and terminates the tunnel.

SSL VPN tunnel CC test

FortiTester tests the DUT's ability to support concurrent SSL VPN tunnel connections by establishing a large number of concurrent SSL VPN tunnel connections and completing a full round of HTTP transactions through each tunnel.

UDP PPS test

FortiTester tests UDP throughput by sending a specified size of UDP frames at a maximum or limited speed from simulated clients to simulated servers.

UDP Payload test

FortiTester tests UDP payload by sending UDP frames with the specified payload from the client ports to the server ports.

TCP throughput test

FortiTester tests TCP throughput by generating a specified volume of two-way TCP traffic flow via specified ports.

TurboTCP test

FortiTester tests TurboTCP connections per second (CPS) performance by generating a specified volume of two-way TCP traffic flow via specified ports.

TCP connection test

FortiTester tests TCP concurrent connection performance by generating a specified volume of two-way TCP traffic flow via specified ports.

RFC 2544 throughput test

FortiTester tests the ability of the DUT to handle different types of RFC 2544 throughput. According to RFC2544, throughput is the fastest rate for the number of test frames transmitted by the DUT, which is equal to the number of test frames sent to it by the test equipment.

RFC 2544 latency test

FortiTester tests the ability of the DUT to handle different types of RFC 2544 latency. According to RFC1242, for store and forward devices, latency is the time interval starting when the last bit of the input frame reaches the input port and ending when the first bit of the output frame is seen on the output port.

RFC 2544 loss rate test

FortiTester tests the ability of the DUT to handle different types of RFC 2544 loss rate. According to RFC2544, to determine the frame loss rate, as defined in RFC1242 of a DUT throughout the entire range of input data rates and frame sizes.

RFC 2544 back to back test

FortiTester tests the ability of the DUT to handle different types of RFC 2544 back to back. According to RFC 2544, to characterize the ability of a DUT to process back-to-back frames as defined in RFC 1242.

RFC 3511 IP throughput test

FortiTester tests the ability of the DUT to handle network-layer data throughput. RFC 3511 is specifically focused on firewall performance.

RFC 3511 Concurrent Capacity throughput test

FortiTester tests the ability of the DUT to determine the maximum number of entries it can store in its connection table.

Amazon S3 test

The Amazon S3 test simulates Amazon S3 (Simple Storage Service) traffic, such as file uploading and downloading, and folder creating.

AOL Chat test

The AOL Chat (AIM) establishes a TCP connection (three-way handshake), simulates a AIM session, and closes the TCP connection.

BitTorrent test

The TCP BitTorrent test simulates a download process between peers.

DB2 test

The DB2 test establishes a TCP connection (three-way handshake), sends SQL command by DB2, and then closes the TCP connection.

Facebook test

The Facebook test simulates Facebook traffic, such as login, search and watch video.

Gtalk test

The Gtalk test establishes a TCP connection (three-way handshake), simulates a Gtalk chat by XMPP, and closes the TCP connection.

Gmail test

The Gmail test establishes a TCP connection (three-way handshake), sends one email by Gmail and closes the TCP connection.

MSSQL test

The test traffic establishes a TCP connection (three-way handshake), sends MSSQL command by MSSQL client, and then closes the TCP connection.

MySQL test

The MySQL test establishes a TCP connection (three-way handshake), sends SQL command by MySQL, and then closes the TCP connection.

Netflix test

The Netflix test establishes a TCP connection (three-way handshake), and simulates Netflix traffic, such as login, watching movie and logout.

Oracle TNS test

The Oracle TNS test establishes a TCP connection (three-way handshake), connects and authenticates to databases, and then closes the TCP connection.

PSQL test

This FortiTester test establishes a TCP connection (three-way handshake), send psql command by PSQL, and then closes the TCP connection.

Twitter test

The Twitter test simulates Twitter traffic, such as post article and watch video.

WebEx test

The WebEx test establishes a TCP connection (three-way handshake), and simulates WebEx traffic, such as login and WebEx.

WhatsApp test

The WhatsApp case establishes a TCP connection(three-way handshake), controls media sessions between end points and closes the TCP connection.

Yahoo Mail test

The Yahoo Mail test establishes a TCP connection (three-way handshake), sends one email by Yahoo and closes the TCP connection.

YouTube test

The TCP YouTube test simulates YouTube client to connect to a YouTube server and access audio or video streams.

TCP Protocol CIFS/SMB test

The TCP CIFS/SMB test establishes a TCP connection (three-way handshake), simulates a SMBv2 session, and closes the TCP connection.

TCP Protocol FIX test

The TCP FIX test establishes a TCP connection (three-way handshake), simulates a FIXv3 session, and closes the TCP connection.

TCP Protocol FTP test

This FortiTester test establishes a TCP connection (three-way handshake), transfers one file by FTP, and then closes the TCP.

TCP Protocol IMAP test

FortiTester tests the ability of the DUT to handle different types of IMAP. This test establishes a TCP connection (three-way handshake), receives one email by IMAP and closes the TCP connection.

TCP Protocol LDAP test

This FortiTester test establishes a TCP connection (three-way handshake), searches entries by LDAP, and then closes the TCP connection.

TCP Protocol NFS test

The TCP NFS test establishes a TCP connection (three-way handshake), simulates a NFSv3 session, and closes the TCP connection.

TCP Protocol POP3 test

FortiTester tests the ability of the DUT to handle different types of POP3. This test traffic establishes a TCP connection (three-way handshake), receives one mail by POP3 and closes the TCP connection.

TCP Protocol RDP test

The test traffic establishes a TCP connection (three-way handshake), constructs a RDP connection, sends fastpath format events and then closes the TCP connection.

TCP Protocol SMTP test

FortiTester tests performance of a target device under SMTP traffic by simulating a volume of clients to generate SMTP traffic.

TCP Protocol SSH test

This test establishes a TCP connection (three-way handshake), simulates a SSH interactive session and closes the TCP connection.

UDP Protocol DNS latency test

FortiTester tests the latency of the DUT while handling DNS query requests. The DUT could be a gateway device or a DNS server. This test traffic sends DNS requests to a DNS server and measures latency.

UDP Protocol NTP test

The NTP test sends NTP query traffic to an NTP server under test. FortiTester receives real time information from the DUT and measures latency.

UDP Protocol RADIUS test

The RADIUS test sends RADIUS requests to a RADIUS server to measure the number of response types per second.

UDP Protocol SIP test

FortiTester tests UDP SIP by sending UDP frames with the specified SIP from the client ports to the server ports.

UDP Protocol TFTP test

The TFTP test sends TFTP requests to a TFTP server to measure the number of requests sent and performed per second.

DHCP test

The IPv4 DHCP test sends DHCP requests to the DHCP server and measures latency. The IPv6 DHCP test sends NS and RA messages to request an IPv6 address through DHCPv6 stateless mode.

IGMP test

The IGMP test sends join messages to the device under test (DUT), such as a router or firewall, and the DUT forwards the data stream from the server.

RTSP/RTP test

The RTSP/RTP test establishes a TCP connection with a three-way handshake, controls media sessions between end points, and closes the TCP connection. This test also tests the firewall's ability to open and close pinholes.

Traffic Replay test

FortiTester tests user-defined scenarios by replaying pcap files. Typically, pcap files are generated by programs like tcpdump or Wireshark.

GTP Replay test

FortiTester tests GTP connections by replaying existing GTPv1 and GTPv2 files. FortiTester uses these files to send test packets to the device under test (DUT).

Packet capture test

The packet capture test captures packets received from the network adapter.

Mixed traffic test

FortiTester tests mixed traffic performance by simulating multiple clients that burst all types of traffic simultaneously.

Security tests

DDoS single packet flood test

FortiTester tests the DUT's ability to handle different types of DDoS attacks. This test attempts to deplete the DUT's resources by flooding the DUT with non-session based attacks.

DDoS TCP session flood test

FortiTester tests the DUT's ability to handle different types of DDoS attacks. This test attempts to deplete the DUT's resources by flooding the DUT with TCP attacks.

DDoS HTTP session flood test

FortiTester tests the DUT's ability to handle attempts to deplete the DUT's resources by flooding the DUT with HTTP attacks.

DDoS concurrent session flood test

FortiTester tests the DUT's ability to handle attempts to deplete the DUT's resources. FortiTester floods the DUT with HTTP attacks and then puts the session on hold for an extended period of time.

DDoS UDP packet flood test

FortiTester tests the DUT's ability to handle attempts to deplete DUT's resources. FortiTester floods the DUT with UDP packets with random source IP and port on client-traffic side.

IPS Attack Replay test

FortiTester can test security systems by replaying a predefined or customized set of attack traffic. The predefined set covers 100 types of attacks. The test result shows the CVE-ID for every type of attack. You can also see the attack list in the Cases > Security Testing > IPS > Attack page.

IPS HTTP Evasion test

The HTTP Evasion Replay test replays packet tampered through HTTP evasion engine. FortiTester corrupts custom HTTP pcap file according to the selected Evasion Types, then replay such corrupted pcap files to target servers to see if servers have the ability to resist such attack.

AntiVirus test

This test sends files with HTTP/FTP/SMTP/IMAP/POP3 protocol and detect viruses in files.

Web crawler test

The web crawler test runs a web crawler simulation to query URLs through the DUT. This is done to test the DUT's web access security policies.

Web Protection test

The Web Protection test simulates sending web application attacks expected to be detected by the security DUT..

ATT&CK tests

ATT&CK Testing

FortiTester simulates the actions that a real adversary would do on the clients' systems. It features a Remote Access Tool (RAT) that performs adversary actions on infected hosts and copies itself over the whole network to increase its foothold.

Features and benefits

FortiTester is a network traffic test tool that is based on Fortinet's specialized hardware and software platform. It provides performance tests, security tests, and ATT&CK tests.

Performance tests

HTTP CPS test

FortiTester tests HTTP new connections per second (CPS) performance by simulating multiple clients that generate HTTP traffic.

HTTP RPS test

FortiTester tests requests per second (RPS) performance by simulating multiple clients that generate HTTP traffic.

HTTP CC test

FortiTester tests HTTP concurrent connection (CC) performance by simulating multiple clients that generate HTTP traffic. All connections include a TCP three-way handshake, a loop of HTTP requests and responses (complete HTTP transaction), and close the connection with TCP FIN.

HTTP throughput test

FortiTester tests HTTP throughput performance by simulating multiple clients that generate HTTP traffic.

HTTPS CPS test

The HTTPS CPS test is almost the same as the HTTP CPS test, except that it uses HTTPS traffic, and does not have the Limit by option; also, the MTU is editable.

HTTPS RPS test

The HTTPS RPS test is the same as the HTTP RPS test, except that it uses HTTPS traffic, and does not have the Limit by option; also, the MTU is editable.

HTTPS CC test

The HTTPS CC test is the same as the HTTP CC test, except that it uses HTTPS traffic and the MTU is editable.

HTTPS throughput test

The HTTPS Throughput test is the same as the HTTP Throughput test, except that it uses HTTPS traffic and the MTU is editable.

IPsec remote access test

FortiTester tests IPSec remote access by establishing a remote access IPSec tunnel, completes a full set of HTTP transactions (TCP connection, HTTP request, HTTP response, TCP connection close) through the tunnel, and terminates the tunnel.

IPsec remote access CC test

FortiTester tests IPSec remote access tunnel concurrent connections (CC) by establishing a remote access IPSec tunnel, completes a full set of HTTP transaction (TCP connection, HTTP request, HTTP response, and TCP connection close) through the tunnel, and terminates the tunnel.

SSL VPN tunnel CC test

FortiTester tests the DUT's ability to support concurrent SSL VPN tunnel connections by establishing a large number of concurrent SSL VPN tunnel connections and completing a full round of HTTP transactions through each tunnel.

UDP PPS test

FortiTester tests UDP throughput by sending a specified size of UDP frames at a maximum or limited speed from simulated clients to simulated servers.

UDP Payload test

FortiTester tests UDP payload by sending UDP frames with the specified payload from the client ports to the server ports.

TCP throughput test

FortiTester tests TCP throughput by generating a specified volume of two-way TCP traffic flow via specified ports.

TurboTCP test

FortiTester tests TurboTCP connections per second (CPS) performance by generating a specified volume of two-way TCP traffic flow via specified ports.

TCP connection test

FortiTester tests TCP concurrent connection performance by generating a specified volume of two-way TCP traffic flow via specified ports.

RFC 2544 throughput test

FortiTester tests the ability of the DUT to handle different types of RFC 2544 throughput. According to RFC2544, throughput is the fastest rate for the number of test frames transmitted by the DUT, which is equal to the number of test frames sent to it by the test equipment.

RFC 2544 latency test

FortiTester tests the ability of the DUT to handle different types of RFC 2544 latency. According to RFC1242, for store and forward devices, latency is the time interval starting when the last bit of the input frame reaches the input port and ending when the first bit of the output frame is seen on the output port.

RFC 2544 loss rate test

FortiTester tests the ability of the DUT to handle different types of RFC 2544 loss rate. According to RFC2544, to determine the frame loss rate, as defined in RFC1242 of a DUT throughout the entire range of input data rates and frame sizes.

RFC 2544 back to back test

FortiTester tests the ability of the DUT to handle different types of RFC 2544 back to back. According to RFC 2544, to characterize the ability of a DUT to process back-to-back frames as defined in RFC 1242.

RFC 3511 IP throughput test

FortiTester tests the ability of the DUT to handle network-layer data throughput. RFC 3511 is specifically focused on firewall performance.

RFC 3511 Concurrent Capacity throughput test

FortiTester tests the ability of the DUT to determine the maximum number of entries it can store in its connection table.

Amazon S3 test

The Amazon S3 test simulates Amazon S3 (Simple Storage Service) traffic, such as file uploading and downloading, and folder creating.

AOL Chat test

The AOL Chat (AIM) establishes a TCP connection (three-way handshake), simulates a AIM session, and closes the TCP connection.

BitTorrent test

The TCP BitTorrent test simulates a download process between peers.

DB2 test

The DB2 test establishes a TCP connection (three-way handshake), sends SQL command by DB2, and then closes the TCP connection.

Facebook test

The Facebook test simulates Facebook traffic, such as login, search and watch video.

Gtalk test

The Gtalk test establishes a TCP connection (three-way handshake), simulates a Gtalk chat by XMPP, and closes the TCP connection.

Gmail test

The Gmail test establishes a TCP connection (three-way handshake), sends one email by Gmail and closes the TCP connection.

MSSQL test

The test traffic establishes a TCP connection (three-way handshake), sends MSSQL command by MSSQL client, and then closes the TCP connection.

MySQL test

The MySQL test establishes a TCP connection (three-way handshake), sends SQL command by MySQL, and then closes the TCP connection.

Netflix test

The Netflix test establishes a TCP connection (three-way handshake), and simulates Netflix traffic, such as login, watching movie and logout.

Oracle TNS test

The Oracle TNS test establishes a TCP connection (three-way handshake), connects and authenticates to databases, and then closes the TCP connection.

PSQL test

This FortiTester test establishes a TCP connection (three-way handshake), send psql command by PSQL, and then closes the TCP connection.

Twitter test

The Twitter test simulates Twitter traffic, such as post article and watch video.

WebEx test

The WebEx test establishes a TCP connection (three-way handshake), and simulates WebEx traffic, such as login and WebEx.

WhatsApp test

The WhatsApp case establishes a TCP connection(three-way handshake), controls media sessions between end points and closes the TCP connection.

Yahoo Mail test

The Yahoo Mail test establishes a TCP connection (three-way handshake), sends one email by Yahoo and closes the TCP connection.

YouTube test

The TCP YouTube test simulates YouTube client to connect to a YouTube server and access audio or video streams.

TCP Protocol CIFS/SMB test

The TCP CIFS/SMB test establishes a TCP connection (three-way handshake), simulates a SMBv2 session, and closes the TCP connection.

TCP Protocol FIX test

The TCP FIX test establishes a TCP connection (three-way handshake), simulates a FIXv3 session, and closes the TCP connection.

TCP Protocol FTP test

This FortiTester test establishes a TCP connection (three-way handshake), transfers one file by FTP, and then closes the TCP.

TCP Protocol IMAP test

FortiTester tests the ability of the DUT to handle different types of IMAP. This test establishes a TCP connection (three-way handshake), receives one email by IMAP and closes the TCP connection.

TCP Protocol LDAP test

This FortiTester test establishes a TCP connection (three-way handshake), searches entries by LDAP, and then closes the TCP connection.

TCP Protocol NFS test

The TCP NFS test establishes a TCP connection (three-way handshake), simulates a NFSv3 session, and closes the TCP connection.

TCP Protocol POP3 test

FortiTester tests the ability of the DUT to handle different types of POP3. This test traffic establishes a TCP connection (three-way handshake), receives one mail by POP3 and closes the TCP connection.

TCP Protocol RDP test

The test traffic establishes a TCP connection (three-way handshake), constructs a RDP connection, sends fastpath format events and then closes the TCP connection.

TCP Protocol SMTP test

FortiTester tests performance of a target device under SMTP traffic by simulating a volume of clients to generate SMTP traffic.

TCP Protocol SSH test

This test establishes a TCP connection (three-way handshake), simulates a SSH interactive session and closes the TCP connection.

UDP Protocol DNS latency test

FortiTester tests the latency of the DUT while handling DNS query requests. The DUT could be a gateway device or a DNS server. This test traffic sends DNS requests to a DNS server and measures latency.

UDP Protocol NTP test

The NTP test sends NTP query traffic to an NTP server under test. FortiTester receives real time information from the DUT and measures latency.

UDP Protocol RADIUS test

The RADIUS test sends RADIUS requests to a RADIUS server to measure the number of response types per second.

UDP Protocol SIP test

FortiTester tests UDP SIP by sending UDP frames with the specified SIP from the client ports to the server ports.

UDP Protocol TFTP test

The TFTP test sends TFTP requests to a TFTP server to measure the number of requests sent and performed per second.

DHCP test

The IPv4 DHCP test sends DHCP requests to the DHCP server and measures latency. The IPv6 DHCP test sends NS and RA messages to request an IPv6 address through DHCPv6 stateless mode.

IGMP test

The IGMP test sends join messages to the device under test (DUT), such as a router or firewall, and the DUT forwards the data stream from the server.

RTSP/RTP test

The RTSP/RTP test establishes a TCP connection with a three-way handshake, controls media sessions between end points, and closes the TCP connection. This test also tests the firewall's ability to open and close pinholes.

Traffic Replay test

FortiTester tests user-defined scenarios by replaying pcap files. Typically, pcap files are generated by programs like tcpdump or Wireshark.

GTP Replay test

FortiTester tests GTP connections by replaying existing GTPv1 and GTPv2 files. FortiTester uses these files to send test packets to the device under test (DUT).

Packet capture test

The packet capture test captures packets received from the network adapter.

Mixed traffic test

FortiTester tests mixed traffic performance by simulating multiple clients that burst all types of traffic simultaneously.

Security tests

DDoS single packet flood test

FortiTester tests the DUT's ability to handle different types of DDoS attacks. This test attempts to deplete the DUT's resources by flooding the DUT with non-session based attacks.

DDoS TCP session flood test

FortiTester tests the DUT's ability to handle different types of DDoS attacks. This test attempts to deplete the DUT's resources by flooding the DUT with TCP attacks.

DDoS HTTP session flood test

FortiTester tests the DUT's ability to handle attempts to deplete the DUT's resources by flooding the DUT with HTTP attacks.

DDoS concurrent session flood test

FortiTester tests the DUT's ability to handle attempts to deplete the DUT's resources. FortiTester floods the DUT with HTTP attacks and then puts the session on hold for an extended period of time.

DDoS UDP packet flood test

FortiTester tests the DUT's ability to handle attempts to deplete DUT's resources. FortiTester floods the DUT with UDP packets with random source IP and port on client-traffic side.

IPS Attack Replay test

FortiTester can test security systems by replaying a predefined or customized set of attack traffic. The predefined set covers 100 types of attacks. The test result shows the CVE-ID for every type of attack. You can also see the attack list in the Cases > Security Testing > IPS > Attack page.

IPS HTTP Evasion test

The HTTP Evasion Replay test replays packet tampered through HTTP evasion engine. FortiTester corrupts custom HTTP pcap file according to the selected Evasion Types, then replay such corrupted pcap files to target servers to see if servers have the ability to resist such attack.

AntiVirus test

This test sends files with HTTP/FTP/SMTP/IMAP/POP3 protocol and detect viruses in files.

Web crawler test

The web crawler test runs a web crawler simulation to query URLs through the DUT. This is done to test the DUT's web access security policies.

Web Protection test

The Web Protection test simulates sending web application attacks expected to be detected by the security DUT..

ATT&CK tests

ATT&CK Testing

FortiTester simulates the actions that a real adversary would do on the clients' systems. It features a Remote Access Tool (RAT) that performs adversary actions on infected hosts and copies itself over the whole network to increase its foothold.