INTRODUCTION
Network security is one of the most critical issues facing today's internet. Traditionally, for an enterprise, a firewall was used as a first line of defense. With more complicated network environment and mature attack means, the traditional firewall strategy cannot meet the demands of security. For the combined protection against complex and blended threats, multiple security features are integrated into a unified security architecture that results in a Unified Threat Management (UTM) appliance. Unified Threat Management products integrate multiple security features, such as firewall, VPN, intrusion detection and prevention systems, antivirus, spam blocking, URL filtering, content filtering and network monitoring into a single secure appliance (Qi et al., 2007). The design challenges of implementing a UTM are: -the performance of multiple functions, cost effectiveness, scalability and co-existence with third party software.
With the increase in the network speeds and also the increase in the security threats, the implementation of high performance UTM is essential. Multi-core technology offers high performance, scalability and energy efficiency. UTM processing can be decomposed into parallel activities such as per packet, per flow or type of processing.
A multicore processor (or Chip-level Multiprocessor, CMP) combines two or more independent cores into a single Integrated Circuit (IC) and performs multiprocessing (Lee and Shakaff, 2008). Multicore architecture has become more and more widely used in intensive computing applications as well as in computer networking systems. The amount of improvement in performance by the use of a multicore processor is dependent on the software algorithms and their implementation. Scheduling of parallel activities on the multicore processor is very vital to improve the performance of the system. The underlying hardware of the multicore processor has to be effectively used to obtain the optimum performance of the system.
The design challenges of implementing a UTM are: The performance of multiple functions, cost effectiveness, scalability and co-existence with third party software. Multiple functions of UTM are to be performed simultaneously at required performance levels. Discussed the concept of defining the policies for the flow based on the classification and the implementation of the different policies for the first packet and subsequent packets of the same flow. Classification, rule based policy enforcement and signature based policy enforcement are some of the common processes for UTM. Pattern matching is used in content filtering, URL filtering, spam filtering and intrusion detection functions.
In this study, we present the performance analysis of UTM functions by varying the assignment of CPUs of Sun Microsystems Ultra SPARC T1 processor. OpenMP is used for parallelizing the code for execution on the hardware threads referred as CPUs. We also proposed the type of parallelization based on the UTM function for better throughput.
MATERIALS AND METHODS
The performance evaluation is done on Sun Fire T1000 server having Sun Microsystems Ultra SPARC T1 processor. Sun Studio12 Update 1 Integrated Development Environment (IDE) on Solaris 10 Operating System was used to develop the programs in C language and to test the programs. OpenMP parallelizing features are used for implementing parallelism within each process. Libpcap Application Program Interface (API) is used for reading the packets from the physical interface or writing the packets to the physical interface. Furthermore, POSIX.1b Real-time Extension Library is used for message passing, process scheduling and timer options. System V message queues are used for queuing the packets between various stages.
No comments:
Post a Comment