A suggested testbed to evaluate multicast network and threat prevention performance of Next Generation Firewalls


Uçtu G., ALKAN M., DOĞRU İ. A., DÖRTERLER M.

Future Generation Computer Systems, cilt.124, ss.56-67, 2021 (SCI-Expanded) identifier identifier

  • Yayın Türü: Makale / Tam Makale
  • Cilt numarası: 124
  • Basım Tarihi: 2021
  • Doi Numarası: 10.1016/j.future.2021.05.013
  • Dergi Adı: Future Generation Computer Systems
  • Derginin Tarandığı İndeksler: Science Citation Index Expanded (SCI-EXPANDED), Scopus, Applied Science & Technology Source, Business Source Elite, Business Source Premier, Compendex, Computer & Applied Sciences, INSPEC, zbMATH
  • Sayfa Sayıları: ss.56-67
  • Anahtar Kelimeler: Cyber security, Next Generation Firewall, Multicast network, NGFW testbed, KEY MANAGEMENT, SECURITY, AUTHENTICATION, COMMUNICATION
  • Gazi Üniversitesi Adresli: Evet

Özet

© 2021 Elsevier B.V.Although security have to be a key issue for systems carrying intelligence such as surveillance system, it is still overshadowed by bandwidth utilization in multicast networks. Next Generation Firewalls (NGFWs), state of the art cyber security devices, can be a solution with their content awareness features for this issue. NGFWs are both security and network devices, and it is a challenge to place a NGFW in a multicast network optimally and testing NGFWs in terms of threat prevention such as web, malware and exploit attack prevention capabilities. In this study, we proposed a flexible testbed for the first time, that can evaluate NGFWs in terms of security and multicast networking performances. The most popular brand datacenter type NGFWs were also tested by using the testbed under various attacks and network designs. The results showed that NGFWs can be used as both rendezvous points in Layer 3 and bridge mode in Layer 2 in multicast networks successfully. Moreover, proposed testbed allows testing the security functions of NGFWs and benchmark them in terms of threat prevention performance.