Relevant bibliographies by topics / Firewall Performance

Contents

  1. Journal articles
  2. Dissertations / Theses
  3. Books
  4. Book chapters
  5. Conference papers
  6. Reports

Academic literature on the topic 'Firewall Performance'

Author: Grafiati
Published: 4 June 2021
Last updated: 8 February 2022

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Firewall Performance.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Journal articles on the topic "Firewall Performance"

1

Mohammed, Raya Kahtan, and Yoichiro UENO. "An FPGA-based Network Firewall with Expandable Rule Description." Indonesian Journal of Electrical Engineering and Computer Science 10, no. 3 (June 1, 2018): 1310. http://dx.doi.org/10.11591/ijeecs.v10.i3.pp1310-1318.

Full text
Abstract:
<p>With the rapid growth of communications via the Internet, the need for an effective firewall system which has not badly affect the overall network performances has been increased. In this paper, a Field Programmable Gate Array (FPGA) -based firewall system with high performance has been implemented using Network FPGA (NetFPGA) with Xilinx Kintex-7 XC7K325T FPGA. Based on NetFPGA reference router project, a NetFPGA-based firewall system was implemented. The hardware module performs rule matching operation using content addressable memory (CAM) for higher speed data processing. To evaluate system performance, throughput, latency, and memory utilization were measured for different cases using different tools, also the number of rules that an incoming packet is subjected to was varied to get more readings using both software and hardware features. The results showed that the designed firewall system provides better performance than traditional firewalls. System throughput was doubled times of the one with Linux-Iptables firewalls.</p>
APA, Harvard, Vancouver, ISO, and other styles
2

Konikiewicz, Wojciech, and Marcin Markowski. "Analysis of Performance and Efficiency of Hardware and Software Firewalls." Journal of Applied Computer Science Methods 9, no. 1 (June 1, 2017): 49–63. http://dx.doi.org/10.1515/jacsm-2017-0003.

Full text
Abstract:
Abstract Firewalls are key elements of network security infrastructure. They should guarantee the proper level of security and, at the same time, the satisfying performance in order to not increase the packet delay in the network. In the paper, we present the comparative study on performance and security of a few firewall technologies including hardware, software and virtual solutions. Three important criteria are considered: the maximal throughput of firewall, the introduced delay and the ability to resist Denial of Service attacks. We report results of experiments, present analysis and formulate a few practical conclusions.
APA, Harvard, Vancouver, ISO, and other styles
3

Telkar, Prajwal S., and Dr Kiran V. "Implementation of Threat policies and Routing process in Firepower Threat Defense." Journal of University of Shanghai for Science and Technology 23, no. 06 (June 18, 2021): 833–39. http://dx.doi.org/10.51201/jusst/21/05344.

Full text
Abstract:
A firewall is a guard of the network which inspects the packets based on the rules adopted to be executed in the threat environment. This is used to block the flow of undesirable content, forbids unauthorized remote access, and impedes immoral contents, assures security based on protocol and IP address, insulates seamless activity in Enterprise networks, shields conversation and coordination contents and thus this cybersecurity tool secures the system when administering on the internet with humongous amount of malicious data threatening the performance and data of the network structure. Cisco’s next-generation firewalls are equipped to combat the menace and in this project, initially, it is focused on the working of the FTD and analyzes the steps carried out in the processes. FMC is the graphical user interface to control FTD which is connected through the management interface. Various policies such as file policy, Prefilter policy, malware policies, provide the firewall to work more efficiently on the firewall. Additionally, these firewalls are equipped with a routing process to uphold the efficiency of the firewall which behaves as a router to establish a connection between the network nodes. The routing process is implemented using the firewall which is an IP routing software suite that provides a robust facility to adapt the firewall for routing conditions.
APA, Harvard, Vancouver, ISO, and other styles
4

Azzam, Ahmad Thoriq, Rendy Munadi, and Ratna Mayasari. "Performance Analysis Of Firewall As Virtualized Network Function On VMware ESXi Hypervisor." JURNAL INFOTEL 11, no. 1 (March 25, 2019): 29. http://dx.doi.org/10.20895/infotel.v11i1.425.

Full text
Abstract:
Virtualization technology is slowly being used to build network infrastructure called Network Function Virtualization (NFV). It takes network functions such as firewall, load balancer, IPS out of its hardware then use its software to be run on high specification server. It helps reduce vendor lock-in and help create a multiplatform network function environment. It has a lot of benefits compared to a traditional network. One of them is it can reduce the number of hardware that is used in the telecom industry. This technology runs on the hypervisor that is used for the management of hardware. One of the important components from NFV is Virtualized Network Function (VNF). In NFV, network devices are run on a server so that a firewall is needed because if an attack occurs on the network it will interfere with existing network components. This paper focuses on analyzing the performance of two firewall system, pfSense, and FortiGate. Both firewalls will run on the VMware ESXi hypervisor. It aims to determine the firewall performance comparison in normal conditions without attacks and under SYN DoS attacks. We also evaluate firewall failover capabilities. Based on the results of testing obtained that overall FortiGate has better performance. It has better ability in handling DoS SYN attack because it has lower throughput performance degradation and better FTP performance compare to pfSense. We conclude that FortiGate has best performance compare with pfSense
APA, Harvard, Vancouver, ISO, and other styles
5

Prajapati, Gourishankar, and Nilay Khare. "A Comparative Study of Software Firewall on Windows and Linux Platform." INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY 14, no. 8 (June 2, 2015): 5967–78. http://dx.doi.org/10.24297/ijct.v14i8.1868.

Full text
Abstract:
Nowadays, the communication through World Wide Web (WWW) is growing rapidly. All the gadgets, computer and handheld devices are connected via wire or wireless media and communicated to each others. Thus, network security is the essential requirement of an organization or individuals. Organizations are protecting their communication from unauthorized access by introducing network firewalls. A Firewall is an application program which runs on any platform such as windows, Linux, Solaris, Macintosh etc and protected the networks or systems via implementing policies and rules. In this paper, the performance of firewall is measured and compared on Windows and Linux platform individual. To evaluate the performance, a private network has been setup in which three machines are connected via a switch; one Windows machine running windows firewall, one Linux machine running Linux firewall (IPTable) and one more machine that acting as a client. On both the platforms, the performance is measured in two situations: first when network is traffic free and second network with traffic. When network is traffic free then both the platforms reflect the common normal processing behavior in context of time and packet received per second; and when packets are pumped at a very high speed in the network then the processing time and packet received per second increases exponentially in both the platforms.
APA, Harvard, Vancouver, ISO, and other styles
6

Xuan, Shichang, Dapeng Man, Jiangchuan Zhang, Wu Yang, and Miao Yu. "Mathematical Performance Evaluation Model for Mobile Network Firewall Based on Queuing." Wireless Communications and Mobile Computing 2018 (2018): 1–13. http://dx.doi.org/10.1155/2018/8130152.

Full text
Abstract:
While mobile networks provide many opportunities for people, they face security problems huge enough that a firewall is essential. The firewall in mobile networks offers a secure intranet through which all traffic is handled and processed. Furthermore, due to the limited resources in mobile networks, the firewall execution can impact the quality of communication between the intranet and the Internet. In this paper, a performance evaluation mathematical model for firewall system of mobile networks is developed using queuing theory for a multihierarchy firewall with multiple concurrent services. In addition, the throughput and the package loss rate are employed as performance evaluation indicators, and discrete-event simulated experiments are conducted for further verification. Lastly, experimental results are compared to theoretically obtained values to identify a resource allocation scheme that provides optimal firewall performance and can offer a better quality of service (QoS) in mobile networks.
APA, Harvard, Vancouver, ISO, and other styles
7

Cho, Sung-Ho, Sung-Uk Choi, and . "A Study on Comparison of Network Location Efficiency of Web Application Firewall." International Journal of Engineering & Technology 7, no. 3.33 (August 29, 2018): 183. http://dx.doi.org/10.14419/ijet.v7i3.33.21009.

Full text
Abstract:
This paper proposes a method to optimize the performance of web application firewalls according to their positions in large scale networks. Since ports for web services are always open and vulnerable in security, the introduction of web application firewalls is essential. Methods to configure web application firewalls in existing networks are largely divided into two types. There is an in-line type where a web application firewall is located between the network and the web server to be protected. This is mostly used in small scale single networks and is vulnerable to the physical obstruction of web application firewalls. The port redirection type configured with the help of peripheral network equipment such as routers or L4 switches can maintain web services even when physical obstruction of the web application firewall occurs and is suitable for large scale networks where several web services are mixed. In this study, port redirection type web application firewalls were configured in large-scale networks and there was a problem in that the performance of routers was degraded due to the IP-based VLAN when a policy was set for the ports on the routers for web security. In order to solve this problem, only those agencies and enterprises that provide web services of networks were separated and in-line type web application firewalls were configured for them. Internet service providers (ISPs) or central line-concentration agencies can apply the foregoing to configure systems for web security for unit small enterprises or small scale agencies at low costs.
APA, Harvard, Vancouver, ISO, and other styles
8

Tsuchiya, Akihiro, Francisco Fraile, Ichiro Koshijima, Angel Ortiz, and Raul Poler. "Software defined networking firewall for industry 4.0 manufacturing systems." Journal of Industrial Engineering and Management 11, no. 2 (April 6, 2018): 318. http://dx.doi.org/10.3926/jiem.2534.

Full text
Abstract:
Purpose: In order to leverage automation control data, Industry 4.0 manufacturing systems require industrial devices to be connected to the network. Potentially, this can increase the risk of cyberattacks, which can compromise connected industrial devices to acquire production data or gain control over the production process. Search engines such as Sentient Hyper-Optimized Data Access Network (SHODAN) can be perverted by attackers to acquire network information that can be later used for intrusion. To prevent this, cybersecurity standards propose network architectures divided into several networks segments based on system functionalities. In this architecture, Firewalls limit the exposure of industrial control devices in order to minimize security risks. This paper presents a novel Software Defined Networking (SDN) Firewall that automatically applies this standard architecture without compromising network flexibility. Design/methodology/approach: The proposed SDN Firewall changes filtering rules in order to implement the different network segments according to application level access control policies. The Firewall applies two filtering techniques described in this paper: temporal filtering and spatial filtering, so that only applications in a white list can connect to industrial control devices. Network administrators need only to configure this application-oriented white lists to comply with security standards for ICS. This simplifies to a great extent network management tasks. Authors have developed a prototype implementation based on the OPC UA Standard and conducted security tests in order to test the viability of the proposal.Findings: Network segmentation and segregation are effective counter-measures against network scanning attacks. The proposed SDN Firewall effectively configures a flat network into virtual LAN segments according to security standard guidelines.Research limitations/implications: The prototype implementation still needs to implement several features to exploit the full potential of the proposal. Next steps for development are discussed in a separate section.Practical implications: The proposed SDN Firewall has similar security features to commercially available application Firewalls, but SDN Firewalls offer additional security features. First, SDN technology provides improved performance, since SDN low-level processing functions are much more efficient. Second, with SDN, security functions are rooted in the network instead of being centralized in particular network elements. Finally, SDN provides a more flexible and dynamic, zero configuration framework for secure manufacturing systems by automating the rollout of security standard-based network architectures. Social implications: SDN Firewalls can facilitate the deployment of secure Industry 4.0 manufacturing systems, since they provide ICS networks with many of the needed security capabilities without compromising flexibility. Originality/value: The paper proposes a novel SDN Firewall specifically designed to secure ICS networks. A prototype implementation of the proposed SDN Firewall has been tested in laboratory conditions. The prototype implementation complements the security features of the OPC UA communication standard to provide a holistic security framework for ICS networks.
APA, Harvard, Vancouver, ISO, and other styles
9

Bateni, Shirin, and Ali Asghar Khavasi. "DESIGN A SECURITY FIREWALL POLICY TO FILTER INCOMING TRAFFIC IN PACKET SWITCHED NETWORKS USING CLASSIFICATION METHODS." Ciência e Natura 38, no. 2 (May 31, 2016): 821. http://dx.doi.org/10.5902/2179460x21530.

Full text
Abstract:
Firewalls are core elements in network security. However, managing firewall rules, especially for enterprise networks, has become complex and error-prone. Firewall filtering rules have to be carefully written and organized in order to correctly implement the security policy. In addition, inserting or modifying a filtering rule requires to overcome and filter a range of special attacks or issues in network. In this paper, we present a machine learning based algorithm that filter Denial of Service (DoS) attacks in networks. This filtering algorithm has been designed by using a classification algorithm based on principal component and correlation based filters. We show good quality and performance of our algorithm experimentally by executing our algorithm on a several packet flow data sets.
APA, Harvard, Vancouver, ISO, and other styles
10

Parfenov, Denis I., Irina P. Bolodurina, and Vadim A. Torchin. "Development and Study of Algorithms for the Formation of Rules for Network Security Nodes in the Multi-Cloud Platform." Modeling and Analysis of Information Systems 26, no. 1 (March 15, 2019): 90–100. http://dx.doi.org/10.18255/1818-1015-2019-1-90-100.

Full text
Abstract:
As part of the study, existing solutions aimed at ensuring the security of the network perimeter of the multi-cloud platform were considered. It is established that the most acute problem is the effective formation of rules on firewalls. Existing approaches do not allow optimizing the list of rules on nodes that control access to the network. The aim of the study is to increase the effectiveness of firewall tools by conflict-free optimization of security rules and the use of a neural network approach in software-defined networks. The proposed solution is based on the sharing of intelligent mathematical approaches and modern technologies of virtualization of network functions. In the course of experimental studies, a comparative analysis of the traditional means of rule formation, the neural network approach, and the genetic algorithm was carried out. It is recommended to use the multilayer perceptron neural network classifier for automatic construction of network security rules since it gives the best results in terms of performance. It is also recommended to reduce the size of the firewall security rule list using the Kohonen network, as this tool shows the best performance. A conflict-free optimization algorithm was introduced into the designed architecture, which produces finite optimization by ranking and deriving the most common exceptions from large restrictive rules, which allows increasing protection against attacks that are aimed at identifying security rules at the bottom of the firewall list. On the basis of the proposed solution, the adaptive firewall module was implemented as part of the research.
APA, Harvard, Vancouver, ISO, and other styles
More sources

Dissertations / Theses on the topic "Firewall Performance"

1

Saliou, Lionel. "Network firewall dynamic performance evaluation and formalisation." Thesis, Edinburgh Napier University, 2009. http://researchrepository.napier.ac.uk/Output/2599.

Full text
Abstract:
Computer network security is key to the daily operations of an organisation, its growth and its future. It is unrealistic for an organisation to devote all of its resources to computer network security, but equally an organisation must be able to determine whether its security policy is achievable and under which criteria. Yet, it is not often possible for an organisation: to define its security policy, especially to fully comply with the laws of the land; ensure the actual implementation on network devices; and finally audit the overall system for compliance. This thesis argues that one of the obstacles to the complete realisation of such an Integrated Security Framework is the lack of deep understanding, in particular in terms of dynamic performance, of the network devices on which the security policy will be deployed. Thus, one novelty of this research is a Dynamic Evaluation Environment for Network Security that allows the identification of the strengths and weaknesses of networked security devices, such as in network firewalls. In turn, it enables organisations to model the dynamic performance impact of security policies deployed on these devices, as well as identifying the benefit of various implementation choices, or prioritisations. Hence, this novel evaluation environment allows the creation of instances of a network firewall dynamic performance model, and this modelling is part of the Integrated Security Framework, thus enabling it to highlight when particular security requirements cannot be met by the underlying systems, or how best to achieve the objectives. More importantly, perhaps, the evaluation environment enables organisations to comply with up-coming legislation that increases an organisation's legal cover, which demands consistent and scientific evidence of fitness prior to security incidents. Dynamic evaluations produce a large amount of raw data and this often does not allow for a comprehensive analysis and interpretation of the results obtained. Along with this, it is necessary to relate the data collected to a dynamic firewall performance model. To overcome this, this research proposes a unique formalisation of the inputs and outputs of the proposed model, and this, in turn, allows for performance analysis from multiple view-points, such as: the increase security requirements in the form of larger rule-set sizes; effects of changes in terms of the underlying network equipment; or the complexity of filtering. These view-points are considered as evaluation scenarios and also have unique formalisations. Evaluations focused on two types of network firewalls and key findings include the fact that strong security policy overhead can be kept acceptable on embedded firewalls provided that out-going filtering is used. Along with this, dynamic evaluation allows the identification of the additional performance impact of unoptimised configurations, and such findings complement work that focuses on the logical properties of network firewalls. Also, these evaluations demonstrate the need for scientific rigour as the data show that the embedded and software network firewalls evaluated have different areas of strengths and weaknesses. Indeed, it appears that software firewalls are not as affected as embedded firewalls by the complexity of filtering. On the other hand, the number of rules software firewalls enforce is the main performance factor, especially for high network speeds.
APA, Harvard, Vancouver, ISO, and other styles
2

Xu, Junjie, and Wenhui Su. "Performance Evaluations of Cisco ASA and Linux iptables Firewall Solutions." Thesis, Högskolan i Halmstad, Sektionen för Informationsvetenskap, Data– och Elektroteknik (IDE), 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-22252.

Full text
Abstract:
A firewall is an essential component to provide network security and traffic control. It is widely used to prevent illegal accesses to private or corporate networks from external unsafe source like Internet. Firewalls are basically classified into two types, hardware firewalls and software firewalls. Hardware-based is a single external hardware to a system, but software-based is installed on a computer inside a system. Two such firewalls, Cisco ASA 5505 and Linux iptables are implemented and practical evaluated theirs performance. The performance test in this paper work primarily focuses on Network layer, and the main parameters include Throughput, Latency, and Concurrent Sessions. Different performance monitoring tools are also introduced in this paper. As a network layer firewall, the most impressive feature is through inspecting the packets to manage the traffic from the higher Layer 4-7 of OSI (Open Systems Interconnection) model, which inevitably has a certain impact on the performance. The bottleneck of the whole network is determined by what extent the impact is. The primary objective of this thesis is through analyzing the test reports to evaluate the two type firewalls’ performance. Thus the results reported in this paper gives some ideas to new firewall customers about what aspects should be considered before selecting a suitable firewall product.
APA, Harvard, Vancouver, ISO, and other styles
3

Niklasson, Carl, and Christian Lindström. "A comparative firewall study in terms of performance, security and configuration." Thesis, University West, Department of Economics and IT, 2008. http://urn.kb.se/resolve?urn=urn:nbn:se:hv:diva-456.

Full text
Abstract:

The goal of this report is to investigate firewalls from both the software and the hardware architecture on their security, functionality, effectives and how the configuration works. The test will consist of scans from Nessus and Nmap which both scans for information and vulnerabilities on the target device. The scans will be performed by first make a basic configuration of the firewall to test its base security. In the second scan will the devices be security configured and rescanned to give an overview on how secure they have become. The target software firewalls used in this test consists of a Debian 4.0, Mikrotik and a Windows 2003 server. The Debian and Windows distributions are both a full OS and have firewall capabilities while Mikrotik is a Linux distribution optimized to work as a firewall. A Cisco 2801 router will also be tested as it is a hardware device optimized for packet handling and have firewall capabilities, and as a router it's likely to already be in a company's network. Finally a Cisco ASA 5510 hardware firewall will be tested to show how a device designed as a firewall will compare to the other devices. The result shows that a Device like the ASA 5510 is clearly superior to any of the other devices in its performance, however the cost efficiency might be in question. The use of a software firewall might be more cost efficient, but might also be more vulnerable as other applications can be run at the OS.

APA, Harvard, Vancouver, ISO, and other styles
4

AHMAD, MUHAMMAD ZEESHAN. "Comparative Analysis of Iptables and Shorewall." Thesis, Blekinge Tekniska Högskola, Sektionen för ingenjörsvetenskap, 2012. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-6181.

Full text
Abstract:
The use of internet has increased over the past years. Many users may not have good intentions. Some people use the internet to gain access to the unauthorized information. Although absolute security of information is not possible for any network connected to the Internet however, firewalls make an important contribution to the network security. A firewall is a barrier placed between the network and the outside world to prevent the unwanted and potentially damaging intrusion of the network. This thesis compares the performance of Linux packet filtering firewalls, i.e. iptables and shorewall. The firewall performance testing helps in selecting the right firewall as needed. In addition, it highlights the strength and weakness of each firewall. Both firewalls were tested by using the identical parameters. During the experiments, recommended benchmarking methodology for firewall performance testing is taken into account as described in RFC 3511. The comparison process includes experiments which are performed by using different tools. To validate the effectiveness of firewalls, several performance metrics such as throughput, latency, connection establishment and teardown rate, HTTP transfer rate and system resource consumption are used. The experimental results indicate that the performance of Iptables firewall decreases as compared to shorewall in all the aspects taken into account. All the selected metrics show that large numbers of filtering rules have a negative impact on the performance of both firewalls. However, UDP throughput is not affected by the number of filtering rules. The experimental results also indicate that traffic sent with different packet sizes do not affect the performance of firewalls.
Muhammad Zeeshan Ahmad: +46-700228942
APA, Harvard, Vancouver, ISO, and other styles
5

FAIRBANKS, MICHAEL STEWART. "MINIMIZING CONGESTION IN PEER-TO-PEER NETWORKS UNDER THE PRESENCE OF GUARDED NODES." University of Cincinnati / OhioLINK, 2006. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1147362818.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Sjöström, Linus. "Detecting SQL Injection Attacks in VoIP using Real-time Deep Packet Inspection : Can a Deep Packet Inspection Firewall Detect SQL Injection Attacks on SIP Traffic with Reasonable Performance?" Thesis, Linköpings universitet, Institutionen för datavetenskap, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-161072.

Full text
Abstract:
The use of the Internet has increased over the years, and it is now an integral part of our daily activities, as we often use it for everything from interacting on social media to watching videos online. Phone calls nowadays tend to use Voice over IP (VoIP), rather than the traditional phone networks. As with any other services using the Internet, these calls are vulnerable to attacks. This thesis focus on one particular attack: SQL injection in the Session Initial Protocol (SIP), where SIP is a popular protocol used within VoIP. To find different types of SQL injection, two classifiers are implemented to either classify SIP packets as "valid data" or "SQL injection". The first classifier uses regex to find SQL meta-characters in headers of interest. The second classifier uses naive Bayes with a training data set to classify. These two classifiers are then compared in terms of classification throughput, speed, and accuracy. To evaluate the performance impact of packet sizes and to better understand the classifiers resiliance against an attacker introducing large packets, a test with increasing packet sizes is also presented. The regex classifier is then implemented in a Deep Package Inspection (DPI) open-source implementation, nDPI, before being evaluated with regards to both throughput and accuracy. The result are in favor of the regex classifier as it had better accuracy and higher classification throughput. Yet, the naive Bayes classifier works better for new types of SQL injection that we do not know. It therefore argues that the best choice depends on the scenario; both classifiers have their strengths and weakness!
APA, Harvard, Vancouver, ISO, and other styles
7

Jonsson, Tomas. "LATENCY AND THROUGHPUT COMPARISON BETWEEN IPTABLES AND NFTABLES AT DIFFERENT FRAME AND RULE-SET SIZES." Thesis, Högskolan i Skövde, Institutionen för informationsteknologi, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:his:diva-15255.

Full text
Abstract:
Firewalls are one of the most common security tools used in computer networks. Its purpose is to prevent unwanted traffic from coming in to or out of a computer network. In Linux, one of the most common server operating system kernels available, iptables has been the go-to firewall for nearly two decades but a proposed successor, nftables, is available. This project compared latency and throughput performance of both firewalls with ten different rule-set sizes and seven different frame sizes using both linear look-ups and indexed data structures. Latency was measured through the round-trip time of ICMP packets while throughput was measured by generating UDP traffic using iPerf3. The results showed that, when using linear look-ups, nftables performs worse than iptables when using small frame sizes and when using large rule-sets. If the frame size was fairly large and rule-set fairly small, nftables was often performed slightly better both in terms of latency and in terms of throughput. When using indexed data structures, performance of both firewalls was very similar regardless of frame size or rule-set size. Minor, but statistically significant, differences were found both in favour of and against nftables, depending on the exact parameters used.
Brandväggar är en av de vanligaste säkerhetsverktygen som används i datornätverk. Dess syfte är att förhindra oönskad trafik att komma in på eller lämna ett datornätverk. I Linux, en av de vanligaste operativsystemkärnorna som används i serversystem, har iptables varit den rekommenderade brandväggen i nästan två årtionden men en tänkt ersättare, nftables, är tillgänglig. Detta projektet jämförde latens och genomströmning för båda brandväggarna med tio olika storlekar på regeluppsättning samt sju olika ramstorlekar genom både linjära regeluppslag och indexerade datastrukturer. Latens mättes genom tur- och returtid för ICMP-paket medan genomströmning mättes genom att generera UDP-trafik med iPerf3. Resultaten visade att, när linjära regeluppslag användes, nftables presterade sämre än iptables när små ramstorlekar användes samt när stora regeluppsättningar användes. Om ramstorleken var relativt stor samt regeluppsättningen relativt liten presterade nftables något bättre än iptables både i fråga om latens och i fråga om genomströmning. När indexerade datastrukturer användes var prestandan för bägge brandväggarna jämförbar oavsett ramstorlek eller storlek på regeluppsättning. Mindre, men statistiskt signifikanta, skillnader fanns både till nftables för- och nackdel, beroende på vilka parametrar som användes.
APA, Harvard, Vancouver, ISO, and other styles
8

Sailou, Lionel. "Network firewalls dynamic performance evaluation and formalisation." Thesis, Edinburgh Napier University, 2009. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.506321.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

SHENG-ZHENG, LIN, and 林勝政. "Performance evaluation of edge computing under the SGW and eNB -- Taking firewall as an example." Thesis, 2019. http://ndltd.ncl.edu.tw/handle/q7c3z8.

Full text
Abstract:
碩士
東海大學
資訊工程學系
107
In the near future, a huge amount of network will flow through the fifth generation (5G) network since a tremendous number of IOT devices/sensors will soon connect to their application platforms via 5G. In such a heavy-traffic environment, low-latency requirement will seriously impact wireless transmission security. Also, 5G adopts Software Defined Network (SDN) and Mobile Edge Computing (MEC) which conduct short transmission delays and user-defined security may be a solution. Also, in 5G due to employing small cells of small communication ranges, compared with those adopted by 4G, the number of handover will be relatively frequent, that the migration of network services or functions will be another problem yet to be solved. In this paper, we propose a firewall establishment process which installs firewalls in an EPC or eNB. We also implement a fault tolerant mechanism to detect the hardware failures in EPC and then distribute the workload of the failed network entity to other entities of the same functions following the principles of load balance. To solve the problem of frequent handover, we design a handover procedure for each of the three environments, including Intra-MME, Inter-MME and Inter-EPC, which are tightly integrated with UE handover procedure, aiming to reduce the number of transmitted messages and the time consumed by handover. Finally, we also expect that this firewall migration process can be applied to other services, e.g., the migration of instant translation function, in the near future.
APA, Harvard, Vancouver, ISO, and other styles

Books on the topic "Firewall Performance"

1

Syme, Matthew, and Philip Goldie. Optimizing Network Performance with Content Switching: Server, Firewall and Cache Load Balancing. Prentice Hall PTR, 2003.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
2

Optimizing Network Performance with Content Switching: Server, Firewall and Cache Load Balancing. Prentice Hall PTR, 2003.

Find full text
APA, Harvard, Vancouver, ISO, and other styles

Book chapters on the topic "Firewall Performance"

1

Beyene, Yordanos, Michalis Faloutsos, and Harsha V. Madhyastha. "SyFi: A Systematic Approach for Estimating Stateful Firewall Performance." In Passive and Active Measurement, 74–84. Berlin, Heidelberg: Springer Berlin Heidelberg, 2012. http://dx.doi.org/10.1007/978-3-642-28537-0_8.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Shivayogimath, Chaitra N., and N. V. Uma Reddy. "Modification of L2 Learning Switch Code for Firewall Functionality in POX Controller." In Silicon Photonics & High Performance Computing, 103–14. Singapore: Springer Singapore, 2017. http://dx.doi.org/10.1007/978-981-10-7656-5_12.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Roedig, Utz, and Jens Schmitt. "Performance Modelling and Evaluation of Firewall Architectures for Multimedia Applications." In Lecture Notes in Computer Science, 38–51. Berlin, Heidelberg: Springer Berlin Heidelberg, 2004. http://dx.doi.org/10.1007/978-3-540-24693-0_4.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Guo, Yuan-ni, and Ren-fa Li. "Design and Performance of Firewall System Based on Embedded Computing." In Grid and Cooperative Computing, 992–95. Berlin, Heidelberg: Springer Berlin Heidelberg, 2004. http://dx.doi.org/10.1007/978-3-540-24679-4_164.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Gandotra, Nikita, and Lalit Sen Sharma. "Performance Evaluation and Modelling of the Linux Firewall Under Stress Test." In Lecture Notes in Electrical Engineering, 751–69. Cham: Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-29407-6_54.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Kiesel, Sebastian, and Michael Scharf. "Modeling and Performance Evaluation of SCTP as Transport Protocol for Firewall Control." In NETWORKING 2006. Networking Technologies, Services, and Protocols; Performance of Computer and Communication Networks; Mobile and Wireless Communications Systems, 451–62. Berlin, Heidelberg: Springer Berlin Heidelberg, 2006. http://dx.doi.org/10.1007/11753810_38.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Paul, Olivier. "Improving Distributed Firewalls Performance through Vertical Load Balancing." In Lecture Notes in Computer Science, 25–37. Berlin, Heidelberg: Springer Berlin Heidelberg, 2004. http://dx.doi.org/10.1007/978-3-540-24693-0_3.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Noble, Jim, Doug Maxwell, Kyle X. Hourihan, Robert Stephens, Barry J. Stiefel, Cherie Amon, and Chris Tobkin. "Performance Pack." In Check Point NG VPN-1/Firewall-1, 477–92. Elsevier, 2003. http://dx.doi.org/10.1016/b978-193183697-5/50059-0.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

"Troubleshooting and Performance Monitoring." In The Best Damn Firewall Book Period, 367–417. Elsevier, 2003. http://dx.doi.org/10.1016/b978-193183690-6/50052-2.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

"Troubleshooting and Performance Monitoring." In Cisco Security Specialist's Guide to PIX Firewall, 553–618. Elsevier, 2002. http://dx.doi.org/10.1016/b978-193183663-0/50045-1.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Conference papers on the topic "Firewall Performance"

1

Pereira, Fabio Dacencio, and Edward David Moreno Ordonez. "SSDR - Reconfigurable Firewall: Reconfiguration Model Performance." In 2008 4th Southern Conference on Programmable Logic (SPL). IEEE, 2008. http://dx.doi.org/10.1109/spl.2008.4547770.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Abdul Aziz, Mohd Zafran, Muhammad Yusoff Ibrahim, Abdullatif M. Omar, Ruhani Ab Rahman, Md Mahfudz Md Zan, and Mat Ikram Yusof. "Performance analysis of application layer firewall." In 2012 IEEE Symposium on Wireless Technology & Applications (ISWTA). IEEE, 2012. http://dx.doi.org/10.1109/iswta.2012.6373838.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Arunwan, Mingphum, Tanachad Laong, and Kiattichai Atthayuwat. "Defensive performance comparison of firewall systems." In 2016 Management and Innovation Technology International Conference (MITicon). IEEE, 2016. http://dx.doi.org/10.1109/miticon.2016.8025212.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Chenghong Wang, Donghong Zhang, Hualin Lu, Jing Zhao, Zhenyu Zhang, and Zheng Zheng. "An experimental study on firewall performance: Dive into the bottleneck for firewall effectiveness." In 2014 10th International Conference on Information Assurance and Security (IAS). IEEE, 2014. http://dx.doi.org/10.1109/isias.2014.7064623.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Tan, J., D. Abramson, and C. Enticott. "Firewall Traversal in the Grid Architecture." In 2010 IEEE 12th International Conference on High Performance Computing and Communications (HPCC 2010). IEEE, 2010. http://dx.doi.org/10.1109/hpcc.2010.108.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Prout, Andrew, William Arcand, David Bestor, Bill Bergeron, Chansup Byun, Vijay Gadepally, Matthew Hubbell, et al. "Enhancing HPC security with a user-based firewall." In 2016 IEEE High Performance Extreme Computing Conference (HPEC). IEEE, 2016. http://dx.doi.org/10.1109/hpec.2016.7761641.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Xu, Jun, and Mukesh Singhal. "Design of a high-performance ATM firewall." In the 5th ACM conference. New York, New York, USA: ACM Press, 1998. http://dx.doi.org/10.1145/288090.288113.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Saleous, Heba, and Zouheir Trabelsi. "Enhancing Firewall Filter Performance Using Neural Networks." In 2019 15th International Wireless Communications and Mobile Computing Conference (IWCMC). IEEE, 2019. http://dx.doi.org/10.1109/iwcmc.2019.8766576.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Mustafa, Umniya, Mohammad M. Masud, Zouheir Trabelsi, Timothy Wood, and Zainab Al Harthi. "Firewall performance optimization using data mining techniques." In 2013 9th International Wireless Communications and Mobile Computing Conference (IWCMC 2013). IEEE, 2013. http://dx.doi.org/10.1109/iwcmc.2013.6583682.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Say, Tamer, Mustafa Alkan, Murat Dorterler, and Ibrahim Alper Dogru. "CPU Performance Test of A Home Firewall." In 2018 3rd International Conference on Computer Science and Engineering (UBMK). IEEE, 2018. http://dx.doi.org/10.1109/ubmk.2018.8566302.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Reports on the topic "Firewall Performance"

1

Hickman, B., D. Newman, S. Tadjudin, and T. Martin. Benchmarking Methodology for Firewall Performance. RFC Editor, April 2003. http://dx.doi.org/10.17487/rfc3511.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Newman, D. Benchmarking Terminology for Firewall Performance. RFC Editor, August 1999. http://dx.doi.org/10.17487/rfc2647.

Full text
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the extended bibliographies on the topic 'Firewall Performance' for particular source types:
Journal articles
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography