Firewall Security: Policies, Testing and Performance Evaluation

Authors:
Michael R. Lyu;Lorrien K. Y. Lau
Affiliations:
-;-
Venue:
COMPSAC '00 24th International Computer Software and Applications Conference
Year:
2000

Citing 0
Cited 11

VCSTC: Virtual Cyber Security Testing Capability --- An Application Oriented Paradigm for Network Infrastructure Protection

TestCom '08 / FATES '08 Proceedings of the 20th IFIP TC 6/WG 6.1 international conference on Testing of Software and Communicating Systems: 8th International Workshop
Resiliency of open-source firewalls against remote discovery of last-matching rules

Proceedings of the 2nd international conference on Security of information and networks
Online adaptive firewall allocation in internet data center

Computer Communications
Discovering last-matching rules in popular open-source and commercial firewalls

International Journal of Internet Protocol Technology
An entropy-based countermeasure against intelligent dos attacks targeting firewalls

POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
Model checking firewall policy configurations

POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
First step towards automatic correction of firewall policy faults

LISA'10 Proceedings of the 24th international conference on Large installation system administration
Firewall policy change-impact analysis

ACM Transactions on Internet Technology (TOIT)
First step towards automatic correction of firewall policy faults

ACM Transactions on Autonomous and Adaptive Systems (TAAS)
Real-Time Cross-Layer Design: Real-time cross-layer design for a large-scale flood detection and attack trace-back mechanism in IEEE 802.11 wireless mesh networks

Network Security
Change-impact analysis of firewall policies

ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper explores the firewall security and performance relationship for distributed systems. Experiments are conducted to set firewall security into seven different levels and to quantify their performance impacts. These firewall security levels are formulated, designed, implemented, and tested phase by phase under an experimental environment in which all performed tests are evaluated and compared. Based on the test results, the impacts of the various firewall security levels on system performance with respect to transaction time and latency are measured and analyzed. It is interesting to note that the intuitive belief about security to performance, i.e. the more security would result in less performance, does not always hold in the firewall testing. The results reveal that the significant impact from enhanced security on performance could only be observed under some particular scenarios and thus their relationships are not necessarily inversely related. We also discuss the tradeoff between security and performance.