Your SlideShare is downloading. ×
BreakingPoint & Fortinet RSA Conference 2011 Presentation: Evaluating Enterprise Firewalls
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

BreakingPoint & Fortinet RSA Conference 2011 Presentation: Evaluating Enterprise Firewalls

767

Published on

BreakingPoint and Fortinet present "How To Measure the Performance, Security, and Stability of Your Enterprise Firewall" at the 2011 RSA Conference.

BreakingPoint and Fortinet present "How To Measure the Performance, Security, and Stability of Your Enterprise Firewall" at the 2011 RSA Conference.

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
767
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
31
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. How To Measure the Performance, Securityand Stability of Your Enterprise FirewallFebruary 16th at 2:30 pm
  • 2. Agenda• Throughput• Packets Per Second• Latency• Connections Per Second• Simultaneous Sessions• Stacking It Up• Real Traffic
  • 3. ThroughputWhat is it? It’s all about ‘volume’Why is it important? Maximum transfer capabilityHow is it affected? Packet size – for smaller packets we may become packet per second bound File size – for smaller files we may become connection per second bound Physical limits – bus/interface limitsHow do we find it? For UDP – Single or multiple streams of large packet sizes For TCP – multiple HTTP GETs of 32K files 3
  • 4. Packets Per SecondWhat is it? It’s all about ‘pressure’Why is it important? Small transaction characteristicsHow is it affected? Packet size – for larger packets we may become throughput boundHow do we find it? Reduce packet size until you see packets per second maximize5
  • 5. LatencyWhat is it? It’s all about ‘bursts’ Per packet (UDP) Per transaction (TCP)Why is it important? Transfer delayHow is it affected? Hardware or software Session setupHow do we find it? Measure latency at 10%, 50%, 75%, and 90% utilization7
  • 6. Connections per secondWhat is it? It’s all about ‘temperature’Why is it important? Most everything is a connectionHow is it affected? Protocol type (ICMP, UDP, TCP, etc) – TCP hardest with the most state Handled in CPUHow do we find it? HTTP 1.0 connections transferring a single byte file9
  • 7. Connections per second (cont)SYN handshake – 3 packets Data transfer – 4 packets FIN close – 3 packetsTotal of 10 packets. Can be reduced RST, piggyback gets, SACK – But this may be cheating 10
  • 8. Simultaneous sessionsWhat is it? It’s all about ‘streams’Why is it important? How many parallel requests can you handle?How is it affected? Memory is the biggest factorHow do we find it? Open, but do not complete sessions. Once all sessions are open, transfer data and close sessions11
  • 9. Stacking it up FortiGate-3950B
  • 10. Real Traffic
  • 11. Real TrafficWhy is it good? More than one variable at a time Protocol interactionWhat makes it hard? Difficult to repeat Traffic is different for every customerCan we test it? Different mixes of application traffic Standard background traffic with specific security traffic15
  • 12. How? Attack Thyself!Real Attacks• 4,500 live security attacks• 100+ evasions• Malware• Spam• DDoS and Botnet simulation• Custom attacks• Research and frequent updatesReal World Applications• 150+ application protocols• Social media, peer-to-peer, voice, video• Web and enterprise applications, gaming• Custom applications• Frequent updatesUnprecedented Performance• 120 Gbps blended application traffic• 90M concurrent TCP sessions• 3M TCP sessions/second• 38 Gbps SSL bulk encryption
  • 13. Questions and Answers17

×