Performance test for a Security tool
Q1: I'm doing Performance test for a security tool curruntly, I think I should do some load test and volume test to it. But I don't know if it's enough. Do you have some good suggestions?
Q2: What test tools are good at test Performance of security tool?
I searched on this forum, and find it seems both QAload and LoadRunner can do load test and volume test, right? For instance, I plan to do load test on a web server, such as IIS and Apache. And I may do volume test to Mysql or SQLServer. BTW, test them with/without the security tool I'm testing.
Q3: What kind of Benchmark could be refer to?
For examply, SQL Server provide it's own benchmark. Then after install the security tool, how many times deduct is accepted?
Thank you very much to you!
Re: Performance test for a Security tool
1) on www.perftestplus.com under presentations, there is presentation called "Security Testing" that Chris Walters and I presented at the Rational Users Conference, check it out - it's all about doing a fairly comprehensive security audit using Rational's Performance Testing Tool which leads me to...
2) check out Rational. You can definately do the things you are talking about, but it's also only a couple lines of code to do things like write a port scanner to see what is open or penatrable or to transmit malformed header information, etc.
Scott Barber, Sr. Performance Engineer