Change search
ReferencesLink to record
Permanent link

Direct link
Performance Evaluations of Cisco ASA and Linux iptables Firewall Solutions
Halmstad University, School of Information Science, Computer and Electrical Engineering (IDE).
Halmstad University, School of Information Science, Computer and Electrical Engineering (IDE).
2013 (English)Independent thesis Advanced level (degree of Master (One Year)), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

A firewall is an essential component to provide network security and traffic control. It is widely used to prevent illegal accesses to private or corporate networks from external unsafe source like Internet. Firewalls are basically classified into two types, hardware firewalls and software firewalls. Hardware-based is a single external hardware to a system, but software-based is installed on a computer inside a system. Two such firewalls, Cisco ASA 5505 and Linux iptables are implemented and practical evaluated theirs performance. The performance test in this paper work primarily focuses on Network layer, and the main parameters include Throughput, Latency, and Concurrent Sessions. Different performance monitoring tools are also introduced in this paper.

As a network layer firewall, the most impressive feature is through inspecting the packets to manage the traffic from the higher Layer 4-7 of OSI (Open Systems Interconnection) model, which inevitably has a certain impact on the performance. The bottleneck of the whole network is determined by what extent the impact is. The primary objective of this thesis is through analyzing the test reports to evaluate the two type firewalls’ performance. Thus the results reported in this paper gives some ideas to new firewall customers about what aspects should be considered before selecting a suitable firewall product. 

Place, publisher, year, edition, pages
2013. , 73 p.
Keyword [en]
Firewall, Performance, Cisco, iptables
National Category
Computer Engineering Other Computer and Information Science
URN: urn:nbn:se:hh:diva-22252Local ID: IDE1302OAI: diva2:622522
Subject / course
Computer Network Engineering
2013-02-25, E3, Halmstad Univeristy, Halmstad, 13:00 (English)
Available from: 2013-05-23 Created: 2013-05-22 Last updated: 2013-05-23Bibliographically approved

Open Access in DiVA

fulltext(1929 kB)1455 downloads
File information
File name FULLTEXT01.pdfFile size 1929 kBChecksum SHA-512
Type fulltextMimetype application/pdf

By organisation
School of Information Science, Computer and Electrical Engineering (IDE)
Computer EngineeringOther Computer and Information Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 1455 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 832 hits
ReferencesLink to record
Permanent link

Direct link