<![CDATA[This study presents a comparative evaluation of two widely used Linux-based firewall solutions, Uncomplicated Firewall (UFW) and ConfigServer Security & Firewall (CSF), using the SEPER framework, which encompasses Security, Performance, Effectiveness, and Reliability dimensions. While previous studies have examined Linux firewall configurations individually, systematic comparisons that apply a structured evaluation framework such as SEPER remain limited. The experiments were conducted on Ubuntu Server using an intra-host virtualized environment consisting of multiple virtual machines. Network performance was evaluated using throughput and latency measurements, while security effectiveness was assessed through port scanning, SSH brute-force simulations, and mild SYN flood scenarios. System reliability was analyzed based on CPU and memory utilization. The results indicate that UFW and CSF exhibit comparable network performance, with throughput differences remaining below 5%, suggesting no statistically significant performance advantage for either firewall. UFW demonstrates slightly lower resource overhead, whereas CSF provides stronger automated brute-force mitigation through its integrated Login Failure Daemon (LFD), at the cost of modestly higher resource usage. Mild SYN flood tests produced similar outcomes across all configurations, largely influenced by Linux kernel-level mechanisms. Overall, this study highlights a trade-off between resource efficiency and advanced security automation. By applying the SEPER framework, the findings provide balanced and practical guidance for Linux administrators in selecting firewall solutions based on deployment priorities rather than isolated performance metrics.]]>
