Traffic and overhead analysis of applied pre-filtering ACL firewall on HPC service network

In an high-performance computing (HPC), supercom puting service environment, the security of infrastructure nodesthat are points of contact for researchers is very important. Wehave applied various security devices such as anti-DDoS, IPS, fire wall, web application firewall, and etc. on an HPC servi...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Journal of communications and networks 2021, 23(3), , pp.192-200
Hauptverfasser: Lee, Jae-Kook, Hong, Taeyoung, Li, Guohua
Format: Artikel
Sprache:eng
Schlagworte:
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:In an high-performance computing (HPC), supercom puting service environment, the security of infrastructure nodesthat are points of contact for researchers is very important. Wehave applied various security devices such as anti-DDoS, IPS, fire wall, web application firewall, and etc. on an HPC service net work to provide more secure supercomputing services. Firewallsare a common and essential element of network security deviceswith the ability to block network traffic according to pre-definedrules. With the increasing demands for services, cyberattacks, aswell as overheads on firewall policies have also increased. To re duce this overhead, in our previous research, we analyzed droppedpackets log and performed a method on the firewall as AbnormalIP that can detect and deny anomalous IPs in real-time. As thenumber of abnormal IPs increased, the performance of the firewallsignificantly deteriorated. To solve this problem, we applied accesscontrol list (ACL) at the front-end of the firewall to perform pre filtering, thereby improving the performance of the firewall on theHPC service network. This research is expected to contribute as apreliminary study in the HPC field by deriving pre-filtering ACLto reduce the CPU load of firewall server by showing the result ofabout 21.5% improvement in performance. KCI Citation Count: 0
ISSN:1229-2370
1976-5541
DOI:10.23919/JCN.2021.000011