To test IPS performance, we constructed a test bed that offered traffic at multigigabit rates (see diagram). Two Spirent ThreatEx 2500 appliances offered various exploits, while two Spirent Avalanche 2500 and two Spirent Reflector 2500 appliances offered a combination of benign Web, e-mail, FTP, and DNS traffic.
All IPS systems operated in simple layer-2 bridging mode and thus were transparent to other nodes on the network. The only IP addressing used by the IPS systems was for out-of-band management ports on the sensor and/or on a separate management station.
To force traffic through an IPS, we set up untagged virtual LANs on two switches, attaching all unprotected-side ports to one switch and all protected-side ports to the other. Because the IPS was the only bridging device on the test bed, it was the only path available between the unprotected and protected sides. Many IPS systems offered multiple pairs of bridge ports; for these, we configured multiple sets of VLANs on each switch.
Our performance tests measured the effects on benign traffic through each IPS while it also dealt with various exploits.
Using Spirent Avalanche traffic generators, we began with a baseline test involving a mix of TCP traffic types (along with a small amount of UDP-based DNS traffic) and measured forwarding rate and HTTP page response time. The TCP tests involved 1,500 concurrent users, all requesting a mix of HTTP, FTP, SMTP and POP3, plus a small amount of DNS over UDP.