Security focus of new EEMBC benchmark suite
1 min read
The Embedded Microprocessor Benchmark Consortium (EEMBC) has announced its intent to create a standardised, industry-endorsed method to evaluate the performance of deep packet inspection (dpi) solutions.
These solutions use a variety of methods to examine whole data packets, including both the header and payload, to determine the authenticity and safety of the transmission. To date, the industry has lacked a common method to test and validate dpi throughput for network security products, such as unified threat management (utm) appliances and next generation firewalls. EEMBC's testing approach will consider the various threat vectors used in attempting to transfer infected payloads into a network.
In addition to creating the benchmarks that capture the performance of a system providing dpi, EEMBC plans to standardise the setup and certification methodology, as well as the standardised run and reporting rules. According to the consortium, these standard methodologies will eliminate confusion for IT professionals, office managers, and consumers who are evaluating the dpi products for purchase, as the benchmarks – called DPIBench - will measure the performance of all dpi solutions equitably.
DPIBench will also play a key role in the evaluation of the network processors that provide the control and intelligence required to implement devices performing dpi. This evaluation has been elusive in the past because network processor performance must be obtained by testing the network processor in a complete and well defined system. The challenge is even more complex, however, because two systems with the exact same processor chip can perform very differently depending on which features the system vendor has implemented.
Jeff Caldwell, R&D director at SonicWALL has taken the role as chair of the EEMBC network security working group. He said: "We have seen a desperate need for well constructed, industry accepted dpi benchmarks to equitably evaluate the throughput of platforms while handling various network security threat vectors. We strongly encourage all industry leaders to participate in the creation of these EEMBC dpi benchmarks, which will help meet this urgent need. Upon completion, we plan to proceed to internet engineering task force (ietf) formalisation of this benchmarking methodology."
Initial participation in the working group has come from processor vendors such as Cavium Networks, Intel, and NetLogic Micro and system vendors such as SonicWALL and others. The working group will hold an open meeting on August 17.