Term of Award
Spring 2014
Degree Name
Master of Science in Applied Engineering (M.S.A.E.)
Document Type and Release Option
Thesis (open access)
Copyright Statement / License for Reuse
Digital Commons@Georgia Southern License
Department
Department of Mechanical Engineering
Committee Chair
Jordan Shropshire PhD
Committee Member 1
Chris Kadlec PhD
Committee Member 2
Timur Mirzoev PhD
Abstract
The rapid expansion in networking has provided tremendous opportunities to access an unparalleled amount of information. Everyone connects to a network to gain access and to share this information. However when someone connects to a public network, his private network and information becomes vulnerable to hackers and all kinds of security threats. Today, all networks needs to be secured, and one of the best security policies is firewall implementation.
Firewalls can be hardware or cloud based. Hardware based firewalls offer the advantage of faster response time, whereas cloud based firewalls are more flexible. In reality the best form of firewall protection is the combination of both hardware and cloud firewall.
In this thesis, we implemented and configured a federated architecture using both firewalls, the Cisco ASA 5510 and Vyatta VC6.6 Cloud Based Firewall. Performance evaluation of both firewalls were conducted and analyzed based on two scenarios; spike and endurance test. Throughputs were also compared, along with some mathematical calculations using statistics. Different forms of packets were sent using a specialized tool designed for load testing known as JMeter.
After collecting the results and analyzing it thoroughly, this thesis is concluded by presenting a heuristics method on how packet filtering would fall back to the cloud based firewall when the hardware based firewall becomes stressed and over loaded, thus allowing efficient packet flow and optimized performance.
The result of this thesis can be used by Information Security Analyst, students, organizations and IT experts to have an idea on how to implement a secured network architecture to protect digital information.
Recommended Citation
Waziri, Ibrahim, "A Federated Architecture for Heuristics Packet Filtering in Cloud Networks" (2014). Electronic Theses & Dissertations
Research Data and Supplementary Material
No
Included in
Computer and Systems Architecture Commons, Digital Communications and Networking Commons, Hardware Systems Commons, Library and Information Science Commons, Management Information Systems Commons, Technology and Innovation Commons
