Share Email Print

Proceedings Paper

Performance optimization of internet firewalls
Author(s): Tzi-cker Chiueh; Allen Ballman
Format Member Price Non-Member Price
PDF $17.00 $21.00

Paper Abstract

Internet firewalls control the data traffic in and out of an enterprise network by checking network packets against a set of rules that embodies an organization's security policy. Because rule checking is computationally more expensive than routing-table look-up, it could become a potential bottleneck for scaling up the performance of IP routers, which typically implement firewall functions in software. in this paper, we analyzed the performance problems associated with firewalls, particularly packet filters, propose a good connection cache to amortize the costly security check over the packets in a connection, and report the preliminary performance results of a trace-driven simulation that show the average packet check time can be reduced by a factor of 2.5 at the least.

Paper Details

Date Published: 17 January 1997
PDF: 6 pages
Proc. SPIE 2915, Video Techniques and Software for Full-Service Networks, (17 January 1997); doi: 10.1117/12.263388
Show Author Affiliations
Tzi-cker Chiueh, SUNY/Stony Brook (United States)
Allen Ballman, SUNY/Stony Brook (United States)

Published in SPIE Proceedings Vol. 2915:
Video Techniques and Software for Full-Service Networks
Andrew G. Tescher; Tzi-cker Chiueh, Editor(s)

© SPIE. Terms of Use
Back to Top
Sign in to read the full article
Create a free SPIE account to get access to
premium articles and original research
Forgot your username?