Data Center Security: DCFW Classification Data Sheet

A datasheet from NSS Labs titled Data Center Firewall (DCFW)

Technology Overview and Test Metrics


Better-Performing Firewalls.

A firewall is a mechanism used to protect a trusted network from an untrusted network, while allowing authorized communications to pass from one side to the other. Performance metrics, while important in any firewall, become critical in a data center deployment. Data center firewalls (DCFWs) handle multiple application traffic mixes for hundreds of thousands of users, and thus must support higher data rates. The performance versus cost trade-offs of DCFW products are based on use case and evaluated in the following areas:

  • TCO based on performance (TCO per Protected Mbps) – Throughput is a common metric of benchmarking products since it creates a simple comparison of how much information can be processed such as cloud computing and secure transaction but however it is not the only metric taken into consideration.
  • TCO based on connection rate performance (TCO per Protected CPS per Mbps) -  Connections per second is a critical metric for data centers that host applications with short connection durations at high transaction rates such as ecommerce sites and high volume database transactions.
  • TCO based on concurrent connections performance (TCO per Protected Concurrency per Mbps) – Concurrent connections provide insight into how and where users are connected for longer durations such as SaaS based applications (Software-as-a-Service) and media streaming.

Click here to download as PDF