Lionel Saliou
Analysis of Firewall Performance Variation to Identify the Limits of Automated Network Reconfigurations.
Saliou, Lionel; Buchanan, William J; Graves, Jamie; Munoz, Jose
Authors
Contributors
William Hutchinson
Editor
Abstract
Security in computer networks is typically passive, static, and reactive. This is typically due to most networking devices being rule-based, and when updates are necessary, they are normally done manually. Ultimately, the social and hierarchical structure of an organisation should be visible within the configuration of networks. Hence, it is desirable for a distributed system to be capable of reconfiguring itself in a timely-manner to reflect changes in policy, in practices, and in the social hierarchy, such as the promotion of a member of staff, or in the face of a security threat, such as in malware propagation.
This paper builds on the concept of an automated mitigation and reconfiguration system for networked devices, and evaluates key firewall system performance tests. These could be important in defining the criteria for the success of this type of security implementation. It thus defines a range of experiments, which evaluate firewall parameters, such as number of rules, and their position in relation to performance metrics, such as CPU utilisation, bandwidth consumption, and network latency. The paper also includes tests with up to 65,000 rules, and presents results on the positions of the rules, such as on the incoming and outgoing ports, and the effect of different network throughputs.
It concludes that networks can be made more resilient, under heavy network loads and large rule sets, if rule sets are applied on the outgoing ports. It also shows evidence that configuration interfaces are the performance bottleneck for multi-agent systems that may use these to reconfigure network equipments dynamically.
Citation
Saliou, L., Buchanan, W. J., Graves, J., & Munoz, J. (2006). Analysis of Firewall Performance Variation to Identify the Limits of Automated Network Reconfigurations. In W. Hutchinson (Ed.),
Conference Name | 5th European Conference on Information Warfare and Security |
---|---|
Start Date | Jun 1, 2006 |
End Date | Jun 2, 2006 |
Publication Date | Jun 1, 2006 |
Deposit Date | May 27, 2009 |
Publicly Available Date | May 27, 2009 |
Peer Reviewed | Peer Reviewed |
Pages | 205-214 |
ISBN | 1905305206 & 9781905305209 |
Keywords | Computer networks; Firewall performance; Automated reconfiguration; Automated mitigation; Evaluation; Configuration interface bottleneck; |
Public URL | http://researchrepository.napier.ac.uk/id/eprint/2601 |
Contract Date | May 27, 2009 |
Files
L_Saliou_2006_ECIW_Analysis_Firewall_Revised_Final.pdf
(257 Kb)
PDF
Publisher Licence URL
http://creativecommons.org/licenses/by-nc/4.0/
You might also like
Cloud Forensics.
(2012)
Presentation / Conference Contribution
A methodology to evaluate rate-based intrusion prevention system against distributed denial-of-service (DDoS).
(2011)
Presentation / Conference Contribution
Cloud-based digital forensics evaluation test (D-FET) platform.
(2011)
Presentation / Conference Contribution
Downloadable Citations
About Edinburgh Napier Research Repository
Administrator e-mail: repository@napier.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search