<![CDATA[Virtualization technology is slowly being used to build network infrastructure called Network Function Virtualization (NFV). It takes network functions such as firewall, load balancer, IPS out of its hardware then uses its software to be run on high specification server. It helps to reduce vendor lock-in and creates a multiplatform network function environment for telecommunication or Internet Service Provider (ISP) company. It has a lot of benefits compared to a traditional network. One of them is reducing the number of hardware that is used in the telecom industry. This technology runs on the hypervisor that is used for the hardware management. One of the important components from NFV is Virtualized Network Function (VNF). In NFV, network devices are run on a server so that a firewall is needed. If an attack occurs on the network, it will interfere the existing network components. This paper focuses on analyzing the performance of two firewall systems: pfSense, and FortiGate. Both firewalls run on the VMware ESXi hypervisor. It compares the firewall performance in normal conditions without attacks and under SYN DoS attacks. Besides, firewall failover capabilities are evaluated. Based on the overall testing results, FortiGate has better performance than pfSense. It has better ability in handling DoS SYN attack because of lower throughput performance degradation and better FTP performance. It is concluded that FortiGate has best performance if it is compared to pfSense.]]>
Copyrights © 2019
