Performance Testing  7/13

  • Environment
    • Model 200, Multi-Core, 32 GB System Memory
    • 4 1 GbS Copper Interfaces
    • 2 10 GbS Fibre (LC) Interfaces
  • Performance Testing
    • Copper:
      • .989 GbS per interface sustained throughput
      • 11.878 micro second latency introduced
      • Aggregate throughput = 3.956 GbS
    • Fibre:
      • 9.79 GbS per interface sustained throughput
      • 10.993 micro second latency introduced
      • Aggregate throughput = 19.58 GbS
    • Total:
      • 23.536 GbS total throughput under load
      • 11.878 micro second latency introduced worst case
      • 10.993 micro second latency introduced best case
      • 11.583 micro second latency introduced on average
    • Test Notes:
      • Dedicated hardware based tools used to test
      • All interfaces tested at the same time to ensure total throughput is accurate.
      • All data transiting the device was fully inspected by the Barrier1 Model 200 device 

DDoS Testing

  • Attackers:
    • 100,000 unique attacker IP addresses across 394 subnets
    • Each attacker IP produces 1000 DDoS threads/connections
    • 100 Million (100,000,000) total DDoS attack simultaneous threads/connections
    • Aggregate attacker bandwidth was 22 GbS
    • A mix of TCP, UDP and HTTP attack methods were used
  • Defender:
    • Model 200, Multi-Core, 32 GB System Memory
    • 4 1 GbS Copper Interfaces
    • 2 10 GbS Fibre (LC) Interfaces
  • Test Results:
    • Barrier1 DDoS Detection Performance
      • TCP = 3 packets on average
      • UDP = 4 packets on average
      • HTTP = 2 packets on average
    • Barrier1 Response:
      • After detecting a DDoS attacker the Barrier1 device sends a specially crafted response packets.
      • The effect on the attacker connections is to cause the connections to wait for a long period of time
      • The end result is that the attackers in effect, are DDoS events themselves
      • The Barrier1 then drops any further packets from the attacker
    • Total DDoS time:
      • In this testing the Barrier1 defeated 100,000 attackers (100 million attacker connections) in 31.749 seconds.
      • For 31.749 seconds the network was degraded but usable
      • Additional CPU load was 2%
      • Additional memory load was .5%