BreakingPoint & Fortinet RSA Conference 2011 Presentation: Evaluating Enterprise Firewalls
Upcoming SlideShare
Loading in...5
×
 

BreakingPoint & Fortinet RSA Conference 2011 Presentation: Evaluating Enterprise Firewalls

on

  • 925 views

BreakingPoint and Fortinet present "How To Measure the Performance, Security, and Stability of Your Enterprise Firewall" at the 2011 RSA Conference.

BreakingPoint and Fortinet present "How To Measure the Performance, Security, and Stability of Your Enterprise Firewall" at the 2011 RSA Conference.

Statistics

Views

Total Views
925
Slideshare-icon Views on SlideShare
925
Embed Views
0

Actions

Likes
0
Downloads
14
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    BreakingPoint & Fortinet RSA Conference 2011 Presentation: Evaluating Enterprise Firewalls BreakingPoint & Fortinet RSA Conference 2011 Presentation: Evaluating Enterprise Firewalls Presentation Transcript

    • How To Measure the Performance, Securityand Stability of Your Enterprise FirewallFebruary 16th at 2:30 pm
    • Agenda• Throughput• Packets Per Second• Latency• Connections Per Second• Simultaneous Sessions• Stacking It Up• Real Traffic
    • ThroughputWhat is it? It’s all about ‘volume’Why is it important? Maximum transfer capabilityHow is it affected? Packet size – for smaller packets we may become packet per second bound File size – for smaller files we may become connection per second bound Physical limits – bus/interface limitsHow do we find it? For UDP – Single or multiple streams of large packet sizes For TCP – multiple HTTP GETs of 32K files 3
    • Packets Per SecondWhat is it? It’s all about ‘pressure’Why is it important? Small transaction characteristicsHow is it affected? Packet size – for larger packets we may become throughput boundHow do we find it? Reduce packet size until you see packets per second maximize5
    • LatencyWhat is it? It’s all about ‘bursts’ Per packet (UDP) Per transaction (TCP)Why is it important? Transfer delayHow is it affected? Hardware or software Session setupHow do we find it? Measure latency at 10%, 50%, 75%, and 90% utilization7
    • Connections per secondWhat is it? It’s all about ‘temperature’Why is it important? Most everything is a connectionHow is it affected? Protocol type (ICMP, UDP, TCP, etc) – TCP hardest with the most state Handled in CPUHow do we find it? HTTP 1.0 connections transferring a single byte file9
    • Connections per second (cont)SYN handshake – 3 packets Data transfer – 4 packets FIN close – 3 packetsTotal of 10 packets. Can be reduced RST, piggyback gets, SACK – But this may be cheating 10
    • Simultaneous sessionsWhat is it? It’s all about ‘streams’Why is it important? How many parallel requests can you handle?How is it affected? Memory is the biggest factorHow do we find it? Open, but do not complete sessions. Once all sessions are open, transfer data and close sessions11
    • Stacking it up FortiGate-3950B
    • Real Traffic
    • Real TrafficWhy is it good? More than one variable at a time Protocol interactionWhat makes it hard? Difficult to repeat Traffic is different for every customerCan we test it? Different mixes of application traffic Standard background traffic with specific security traffic15
    • How? Attack Thyself!Real Attacks• 4,500 live security attacks• 100+ evasions• Malware• Spam• DDoS and Botnet simulation• Custom attacks• Research and frequent updatesReal World Applications• 150+ application protocols• Social media, peer-to-peer, voice, video• Web and enterprise applications, gaming• Custom applications• Frequent updatesUnprecedented Performance• 120 Gbps blended application traffic• 90M concurrent TCP sessions• 3M TCP sessions/second• 38 Gbps SSL bulk encryption
    • Questions and Answers17