Future Generation Computer Systems, cilt.124, ss.56-67, 2021 (SCI-Expanded)
© 2021 Elsevier B.V.Although security have to be a key issue for systems carrying intelligence such as surveillance system, it is still overshadowed by bandwidth utilization in multicast networks. Next Generation Firewalls (NGFWs), state of the art cyber security devices, can be a solution with their content awareness features for this issue. NGFWs are both security and network devices, and it is a challenge to place a NGFW in a multicast network optimally and testing NGFWs in terms of threat prevention such as web, malware and exploit attack prevention capabilities. In this study, we proposed a flexible testbed for the first time, that can evaluate NGFWs in terms of security and multicast networking performances. The most popular brand datacenter type NGFWs were also tested by using the testbed under various attacks and network designs. The results showed that NGFWs can be used as both rendezvous points in Layer 3 and bridge mode in Layer 2 in multicast networks successfully. Moreover, proposed testbed allows testing the security functions of NGFWs and benchmark them in terms of threat prevention performance.