Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
A comparison of Snort’s network performance on cisco firepower and a Linux PC
Högskolan Väst, Institutionen för ingenjörsvetenskap.
Högskolan Väst, Institutionen för ingenjörsvetenskap.
2023 (Engelska)Självständigt arbete på grundnivå (högskoleexamen), 5 poäng / 7,5 hpStudentuppsats (Examensarbete)Alternativ titel
En jämförlse av snort’s nätverksprestanda på ciscofirepower och en linux enhet (Svenska)
Abstract [en]

The importance of securely protecting the network cannot be understated and is only growing as more businesses and personal users rely on digital appliances and the internet, despite this need it is also important to consider both the effect on the network performance when implementing security measures and the cost. This study explores one of the leading opensource solutions among existing IPS, Snort and its effect on network performance when deployed as an IPS on a commercial device firepower and a normal Linux computer to determine if it is advantageous to save costs by setting it up on a non-dedicated device and the effect network performance when done. In order to measure the degree of effect this study defines network performance as the effect on latency and throughput when running snort in inline mode. The study explores how these factors vary when experiencing different quantities of malicious traffic during high-usage of the link.The effect as concluded in this study is that snort running on Linux has a minor effect on latency with 2.5 ms larger delay in comparison to running on the commercial alternative firepower, it is also observed that the difference grow as the number of malicious packets increases and depending on need for low-latency environment and quantity of malicious packets caused by deployment location is main determinants when choosing between setting it up on a Linux device against using it on a firepower device. The maximum throughput for both devices is capped slightly below 60 Megabyte data per second on a 1 Gigabit link but the Linux device showed larger variance between the same and lower maximum throughput during the different tests, the exact cause of this variance is not known and requires further study. The study concludes that depending on user needs and location of deployment using a noncommercial version of the popular IPS Snort is a valid option if one can accept a slight loss in latency and have the knowledge required to set it up.

Ort, förlag, år, upplaga, sidor
2023. , s. 44
Nyckelord [en]
Snort, Linux, Firepower, nätverksprestandard, latency, bandwidth
Nationell ämneskategori
Datorsystem
Identifikatorer
URN: urn:nbn:se:hv:diva-19922Lokalt ID: EXN300OAI: oai:DiVA.org:hv-19922DiVA, id: diva2:1754952
Ämne / kurs
Datateknik
Utbildningsprogram
Nätverksteknik med IT-säkerhet
Handledare
Examinatorer
Tillgänglig från: 2023-05-24 Skapad: 2023-05-05 Senast uppdaterad: 2023-05-31Bibliografiskt granskad

Open Access i DiVA

Fulltext saknas i DiVA

Av organisationen
Institutionen för ingenjörsvetenskap
Datorsystem

Sök vidare utanför DiVA

GoogleGoogle Scholar

urn-nbn

Altmetricpoäng

urn-nbn
Totalt: 239 träffar
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf