Skip to main content

Benchmarking Methodology for Network Security Device Performance

Document Type Replaced Internet-Draft (individual)
Expired & archived
Authors Balamuhunthan Balarajah , Carsten Rossenhoevel
Last updated 2019-04-17 (Latest revision 2018-10-14)
Replaced by RFC 9411
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-ietf-bmwg-ngfw-performance
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document provides benchmarking terminology and methodology for next-generation network security devices including next-generation firewalls (NGFW), intrusion detection and prevention solutions (IDS/ IPS) and unified threat management (UTM) implementations. The document aims to strongly improve the applicability, reproducibility, and transparency of benchmarks and to align the test methodology with today's increasingly complex layer 7 application use cases. The main areas covered in this document are test terminology, traffic profiles and benchmarking methodology for NGFWs to start with.


Balamuhunthan Balarajah
Carsten Rossenhoevel

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)