Is your hardware living up to expectations, or does it have holes??

With the help of one of the world’s best-known hackers, a little-known Texas startup hopes to give internet service providers and enterprises a way to tell if their networking hardware is living up to its promises.

Late this month, BreakingPoint Systems plans to launch a new network test appliance that sniffs out security holes in devices like load balancers, intrusion prevention systems and routers. Called the BPS-1000, the device also gives users a way to see how their networking equipment performs under a high volume of networking traffic, says Dennis Cox, BreakingPoint’s chief technology officer.

Cox and co-founder Craig Cantrell came up with the idea for BreakingPoint two years ago while working at 3Com’s TippingPoint division, where they realised they were spending more money on testing equipment than they were on building products. What began as a running joke “every time we had to sign a purchase order for a half-million dollars worth of test equipment,” eventually became a business plan, Cox says.

That vision is to build a product that gives customers an accurate picture of how their networking gear will behave in the real world — before the bad guys have a chance to attack.

Shortly after the company was founded in September 2005, Cox hired HD Moore, maintainer of the popular Metasploit security testing tool. “He was one of the first guys I called up,” says Cox. “There is no better person in the US to break things than HD.”

Today BreakingPoint has over 30 employees, including three security researchers who work with Moore to help develop BreakingPoint’s security testing capabilities. Their job is to “do only evil,” Cox jokes, a play on Google’s “Don’t be evil” corporate motto.

While BreakingPoint’s appliance does not use any of the Metasploit code, the company is leveraging Moore’s expertise as a bug-finder to offer customers a service called Strike Pack, which tests to see if about 2,500 attacks — some of which have not yet been publicly reported — are blocked on the network.

Over the past few weeks, Breaking-Point has already begun shipping its first few systems to network equipment makers, who are using it to test their own products. But Cox says his company is also talking to enterprise customers — particularly in the internet and financial services markets.

Networking administrators can use the BPS-1000 to get a fix on how well their gear is really performing, something that some networking vendors try to hide with puffed up marketing materials, he says.

“We believe that the network equipment manufacturers are selling equipment that isn’t meeting its specifications,” he says.

Enterprises “have service level agreements with a lot of these companies and they would like to prove their SLAs are not being met,” Cox says. “That would save them money.”