Segurança Em Redes De Comunicações

Segurança Em Redes De Comunicações

Segurança Em Redes De Comunicações
Corporate Networks Topics
Introduction to Network Security
Network Access Control
Network Flow Control
Secure Communications
Remote Access
Intrusion Detection and Prevention
Network Monitoring SIEM

Powered by GitBook

On this page

Firewalls
Remote-Access VPN
Performance Evaluation

Network Flow Control

DDoS Mitigation at Source

PreviousHalf-Open TCP Connection Problem NextCisco’s Access Control Lists (ACL)

Last updated 2 years ago

CAR - Committed Access Rate.

Limits (a class of traffic) traffic to a specific rate.
Token bucket model.
Avoids that a single source may generate/transmit traffic above a pre-defined threshold.

Firewalls

Remote-Access VPN

Firewalls need to work with VPN gateways.

To filter all traffic.
To filter and decrypt VPN traffic.

Most firewalls integrate both Security and VPN gateway services.

Performance Evaluation

Basic Firewall

IP Throughput.

The raw capability of the firewall to pass traffic from interface to interface.

Latency.

Time traffic delay in the firewall.
Should be measured and reported when the firewall is at its operating load.

Traditional Enterprise Firewall

Connection Establishment Rate.

The speed at which firewalls can set up connections.

Concurrent Connection Capability.

Total number of open connections through the firewall at any given moment.

Connection Teardown Rate.

The speed at which firewalls can teardown connections and free resources.

Next-Generation Firewall

Application Transaction Rate.

The capability of the firewall to secure discrete application-layer transactions contained in an open connection.
May include application-layer gateways, intrusion prevention, or deep-inspection technology.
Application transaction rates are highly data-dependent.