Performance evaluation of free software based firewalls
DOI:
https://doi.org/10.37135/ns.01.09.03Keywords:
Cyber-security, enterprises, firewall, performance evaluation, SME, computational resourcesAbstract
The objective of this research is to quantitatively evaluate the performance and security functionalities of the main firewalls based on free software currently available. Synthetic analytical and historical-logical scientific methods were used to analyze the literature related to the object of study and the experimental method was applied to verify the performance of the identified solutions. Metrics such as bandwidth, jitter and packet loss rate were used to measure the network performance of the firewalls using the iPerf3 tool. The htop tool was used to check the CPU and RAM consumption of the solutions. It was identified that Endian, Zentyal, pfSense, OPNsense, VyOS, IPFire and ClearOS provide a set of functionalities that contribute to increase the security in data networks. The results obtained showed that ClearOS has the best overall CPU and RAM consumption rates, which demonstrated its high efficiency in securing data networks with savings and optimal use of hardware resources. The identified findings facilitate decision making for the deployment of cyber-security tools in digital networks of organizations with scarce computational resources.
Downloads
References
Agbenyegah, F. K., & Asante, M. (2017). Impact of Firewall on Network Performance. International Journal of Scientific & Technology Research, 6(3), 32-38. Retrieved from: https://www.ijstr.org/final-print/mar2017/Impact-Of-Firewall-On-Network-Performance.pdf
Arunwan, M., Laong, T., & Atthayuwat, K. (2016). Defensive Performance Comparison of Firewall Systems. En Management and Innovation Technology International Conference (MITicon), Bang-San, Thailand, p. 221- 224. https://doi.org/10.1109/MITICON.2016.8025212
Berbecaru, D., Lioy, A., & Cameroni, C. (2020). Supporting Authorize-then-Authenticate for Wi-Fi access based on an electronic identity infrastructure. Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications, 11(2), 34-54. https://dx.doi.org/10.22667/JOWUA.2020.06.30.034
Buñay, P., Pastor, D., Paguay, P., & Moreno, S. (2019). Análisis de la Arquitectura DIFFSERV sobre redes MPLS para la provisión de QoS en aplicaciones en tiempo real (VoIP). NOVASINERGIA, 2(1), 33-40. https://doi.org/10.37135/unach.ns.001.03.04
Bustamante, S., Valles, M. A., & Levano, D. (2020). Factores que contribuyen en la pérdida de información en las organizaciones. Revista Cubana de Ciencias Informáticas, 14(3), 148-164. Retrieved from: http://scielo.sld.cu/pdf/rcci/v14n3/2227-1899-rcci-14-03-148.pdf
Cheminod, M., Durante, L., Seno, L., & Valenzano, A. (2018). Performance evaluation and modeling of an industrial application-layer firewall. IEEE Transactions on Industrial Informatics, 14(5), 2159-2170. https://doi.org/10.1109/TII.2018.2802903
Cotret, P., Gogniat, G., & Sepúlveda, M. J. (2016). Protection of heterogeneous architectures on FPGAs: An approach based on hardware firewalls. Microprocessors and Microsystems, 42, 124-141. https://doi.org/10.1016/j.micpro.2016.01.013
Dagnesses, D. (2019). Experiencia en la utilización de la Distribución GNU/Linux VyOS como software para PC-routers en una institución de Salud. Revista Cubana de Informática Médica, 11(2), 36-47. Retrieved from: http://scielo.sld.cu/scielo.php?script=sci_arttext&pid=S1684-18592019000200036
Eset Security (2021). Eset Security Report Latinoamérica 2021. Retrieved from https://www.welivesecurity.com/wp-content/uploads/2021/06/ESET-security-report-LATAM2021.pdf
World Economic Forum (2020). The Global Risks Report 2020 15th Edition. Retrieved from: http://www3.weforum.org/docs/WEF_Global_Risk_Report_2020.pdf
Iriarte, A., Velarde, P., Aguirre, A., Mena, L. J., Martínez, R., & Ochoa, A. M. (2018). Evaluación de firewalls basados en software libre. Pistas Educativas, 40(130), 625-637. Retrieved from: http://www.itc.mx/ojs/index.php/pistas/article/view/1738
Karim, I.; Vien, Q. T.; Anh Le, T.; Mapp, G. (2017). A Comparative Experimental Design and Performance Analysis of Snort-Based Intrusion Detection System in Practical Computer networks. Computers, 6(1), 1-15. https://doi.org/10.3390/computers6010006
Konikiewicz, W., & Markowski, M. (2017). Analysis of performance and efficiency of hardware and software firewalls. Journal of Applied Computer Science Methods, 9(1), 49-63. https://doi.org/10.1515/jacsm-2017-0003
Lee, J. K., Kim, S. J., Park, C. Y., & Woo, J. (2015). Performance Evaluation and Analysis of Network Firewalls in High Speed Networks. Indian Journal of Science and Technology, 8(25). https://dx.doi.org/10.17485/ijst/2015/v8i25/80825
Logroño, E. (2017). Análisis de los servicios Cloud Computing para una gestión empresarial eficaz, (Tesis de Maestría en Redes de Comunicación), Pontificia Universidad Católica de Ecuador. Retrieved from: http://repositorio.puce.edu.ec/handle/22000/14419
Mora, E. F., & Villero, S. L. (2020). Importancia de la implementación de firewall en redes empresariales como mecanismo para la protección de información. Ciencia e Ingeniería, 7(1), 28-35. Retrieved from: http://revistas.uniguajira.edu.co/rev/index.php/cei/article/view/202
Morales, F., Toapanta, S., & Toasa, R. M. (2020). Implementación de un sistema de seguridad perimetral como estrategia de seguridad de la información. Revista Ibérica de Sistemas e Tecnologias de Informação, (E27), 553-565. Retrieved from: https://www.proquest.com/openview/35d3af032ceee8d79daf8a813e2c7967/1?pq-origsite=gscholar&cbl=1006393
Neupane, K., Haddad, R., & Chen, L. (2018). Next Generation Firewall for Network Security: A Survey. En SoutheastCon 2018, St. Petersburg, FL, EE.UU. https://doi.org/10.1109/SECON.2018.8478973
O’Leary M. (2019) Firewalls. En Cyber Operations. Apress, Berkeley, CA, p. 857-896. https://doi.org/10.1007/978-1-4842-4294-0_17
Perdigón, R., & Pérez, M. T. (2020). Análisis holístico del impacto social de los negocios electrónicos en América Latina, de 2014 a 2019. Paakat: Revista de Tecnología y Sociedad, 10(18). http://dx.doi.org/10.32870/Pk.a10n18.459
Perdigón, R., & Ramírez, R. (2020). Plataformas de software libre para la virtualización de servidores en pequeñas y medianas empresas cubanas. Revista Cubana de Ciencias Informáticas, 14(1), 40-57. Retrieved from: http://scielo.sld.cu/pdf/rcci/v14n1/2227-1899-rcci-14-01-40.pdf
Putra, C. A., Vita, Y., & Saputra, W. S. J. (2018). Point to Point Protocol Tunneling VPN Simulation and Analysis on Sniffing. En International Conference on Science and Technology (ICST 2018), 1094-1097. https://doi.org/10.2991/icst-18.2018.220
Rafamantanantsoa, F., Aubert, R.C., & Haja, R. L. (2021) Analysis and Evaluation of MPLS Network Performance. Communications and Network, 13(1), 25-35. https://doi.org/10.4236/cn.2021.131003
Rafamantanantsoa, F., & Rabetafika, H. L. (2018). Performance Comparison and Simulink Model of Firewall Free BSD and Linux. Communications and Network, 10(4), 180-195. https://doi.org/10.4236/cn.2018.104015
Sampaio, D., & Bernardino, J. (2017). Evaluation of Firewall Open Source Software. En: Proceedings of the 13th International Conference on Web Information Systems and Technologies – WEBIST, p. 356-362, Porto, Portugal. https://doi.org/10.5220/0006361203560362
Shahsavari, Y., Shahhoseini, H., Zhang, K., & Elbiaze, H. (2019). A Theoretical Model for Analysis of Firewalls Under Bursty Traffic Flows. IEEE Access, 7, 183311-183321. https://doi.org/10.1109/ACCESS.2019.2926925
Stubbig, M. (2019). Practical OPNsense. Building Enterprise Firewall with Open Source. Norderstedt, Alemania: BoD. Retrieved from: https://www.bod.de/buchshop/practical-opnsense-markus-stubbig-9783754302569
Togay, C., Kasif, A., Catal, C., & Tekinerdogan, B. (2021). A Firewall Policy Anomaly Detection Framework for Reliable Network Security. IEEE Transactions on Reliability, 1-9. https://doi.org/10.1109/TR.2021.3089511
Xuan, S., Yang, W., Dong, H., & Zhang, J. (2016) Performance Evaluation Model for Application Layer Firewalls. PLoS ONE, 11(11): e0167280. https://doi.org/10.1371/journal.pone.0167280
Zare, H., Olsen, P., Zare, M.J., & Azadi, M. (2018). Operating System Security Management and Ease of Implementation (Passwords, Firewalls and Antivirus). En: Latifi S. (eds) 15th International Conference on Information Technology: New Generations, ITNG 2018. Advances in Intelligent Systems and Computing, vol 738. Springer, Cham. https://doi.org/10.1007/978-3-319-77028-4_98
