RFC 9411
Benchmarking Methodology for Network Security Device Performance, March 2023
- File formats:
- Also available: XML file for editing
- Status:
- INFORMATIONAL
- Obsoletes:
- RFC 3511
- Authors:
- B. Balarajah
C. Rossenhoevel
B. Monkman - Stream:
- IETF
- Source:
- bmwg (ops)
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC9411
Discuss this RFC: Send questions or comments to the mailing list bmwg@ietf.org
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 9411
Abstract
This document provides benchmarking terminology and methodology for next-generation network security devices, including next-generation firewalls (NGFWs) and next-generation intrusion prevention systems (NGIPSs). The main areas covered in this document are test terminology, test configuration parameters, and benchmarking methodology for NGFWs and NGIPSs. (It is assumed that readers have a working knowledge of these devices and the security functionality they contain.) This document aims to improve the applicability, reproducibility, and transparency of benchmarks and to align the test methodology with today's increasingly complex layer 7 security-centric network application use cases. As a result, this document makes RFC 3511 obsolete.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.