Traffic and overhead analysis of applied pre-filtering ACL firewall on HPC service network

Traffic and overhead analysis of applied pre-filtering ACL firewall on HPC service network

In an high-performance computing (HPC), supercom puting service environment, the security of infrastructure nodesthat are points of contact for researchers is very important. Wehave applied various security devices such as anti-DDoS, IPS, fire wall, web application firewall, and etc. on an HPC servi...

Full description

Saved in:
Bibliographic Details
Published in:Journal of communications and networks Vol. 23; no. 3; pp. 192 - 200
Main Authors: Lee, Jae-Kook, Hong, Taeyoung, Li, Guohua
Format: Journal Article
Language:English
Published: 한국통신학회 01-06-2021
Subjects:
전자/정보통신공학
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In an high-performance computing (HPC), supercom puting service environment, the security of infrastructure nodesthat are points of contact for researchers is very important. Wehave applied various security devices such as anti-DDoS, IPS, fire wall, web application firewall, and etc. on an HPC service net work to provide more secure supercomputing services. Firewallsare a common and essential element of network security deviceswith the ability to block network traffic according to pre-definedrules. With the increasing demands for services, cyberattacks, aswell as overheads on firewall policies have also increased. To re duce this overhead, in our previous research, we analyzed droppedpackets log and performed a method on the firewall as AbnormalIP that can detect and deny anomalous IPs in real-time. As thenumber of abnormal IPs increased, the performance of the firewallsignificantly deteriorated. To solve this problem, we applied accesscontrol list (ACL) at the front-end of the firewall to perform pre filtering, thereby improving the performance of the firewall on theHPC service network. This research is expected to contribute as apreliminary study in the HPC field by deriving pre-filtering ACLto reduce the CPU load of firewall server by showing the result ofabout 21.5% improvement in performance. KCI Citation Count: 0
ISSN:1229-2370
1976-5541
DOI:10.23919/JCN.2021.000011