Performance Evaluation and Comparison of Network Firewalls Under DDoS Attack
Network firewalls act as the first line of defense against unwanted and malicious traffic and also represent critical point of failure during DDoS attack. Predicting the overall firewall performance is crucial to network security administrators and designers in assessing the strength and effectiveness of network firewalls against DDoS attacks. In this paper, the authors have made a humble attempt to study and compare DDoS performance of various types of firewalls in operation as on today. Analysis and detailed comparison is performed on open source Packet Filter (PF) firewall, Checkpoint SPLAT and Cisco ASA in a testing environment with laboratory generated DDoS traffic.