Abstract
Firewalls are a well-established security mechanism to restrict the traffic exchanged between networks to a certain subset of users and applications. In order to cope with new application types like multimedia applications, new firewall architectures are necessary. The performance of these new architectures is a critical factor because Quality of Service (QoS) demands of multimedia applications have to be satisfied. We show how the performance of firewall architectures for multimedia applications can be determined. A model is presented which can be used to describe the performance of multimedia firewall architectures. This model can be used to dimension firewalls for usage with multimedia applications. In addition, we present the results of a lab experiment, used to evaluate the performance of a distributed firewall architecture and to validate the model.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
U. Roedig. Firewall Architectures for Multimedia Applications. PhD thesis, Darmstadt University of Technology, November 2002.
R. Knobbe, A. Purtell, and S. Schwab. Advanced security proxies: an architecture and implementation for high performance network firewalls. In Proceedings of DARPA information survivability conference and exposition 2000, pages 140–148, 2000.
P. Srisuresh, J. Kuthan, J. Rosenberg, A. Molitor, and A. Rayhan. Middlebox communication architecture and framework. Internet Engineering Task Force, RFC 3303, August 2002.
U. Roedig, M. Görtz, M. Karsten, and R. Steinmetz. RSVP as Firewall Signalling Protocol. In Proceedings of the 6th IEEE Symposium on Computers and Communications, Hammamet, Tunisia, pages 57–62. IEEE, July 2001.
NetScreen. NetScreen-500 System Product Description. P.Num.: 2002.6.50.1.500, 2002.
International Telecommunication Union. Network grade of service parameters and target values for circuit-switched services in the evolving ISDN. Recommendation E.721, Series E: Overall Network Operation, Telephone Service, Service Operation and human factors. Telecommunication Standardization Sector of ITU, Geneva, Switzerland, 1999.
European Telecommunications Standards Institute. End-to-End Quality of Service in TI-PHON Systems; Part 2: Definition of speech Quality of Service (QoS) classes. Draft, Telecommunications and Internet Protocol Harmonization over Networks, ETSI, 2000.
L. Kleinrock and R. Gail. Queueing Systems: Problems and Solutions. John Wiley & Sons, 1996.
B. Hickman, D. Newman, S. Tadjudin, and T. P. Martin. Benchmarking Methodology for Firewall Performance. Internet Engineering Task Force, RFC 3511, April 2003.
The Tolly Group. Test summary NetScreen-5200 versus Nokia IP740 and Cisco Systems Inc. PIX 535. Document No. 202121, March 2002.
T. Eyers and H. Schulzrinne. Predicting Internet Telephony Call Setup Delay. In Proceedings of the 1st IP-Telephony Workshop (IPtel 2000), Berlin, Germany, April 2000.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Roedig, U., Schmitt, J. (2004). Performance Modelling and Evaluation of Firewall Architectures for Multimedia Applications. In: Mitrou, N., Kontovasilis, K., Rouskas, G.N., Iliadis, I., Merakos, L. (eds) Networking 2004. NETWORKING 2004. Lecture Notes in Computer Science, vol 3042. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24693-0_4
Download citation
DOI: https://doi.org/10.1007/978-3-540-24693-0_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-21959-0
Online ISBN: 978-3-540-24693-0
eBook Packages: Springer Book Archive