Although security have to be a key issue for systems carrying intelligence such as surveillance system, it is still overshadowed by bandwidth utilization in multicast networks. Next Generation Firewalls (NGFWs), state of the art cyber security devices, can be a solution with their content awareness features for this issue. NGFWs are both security and network devices, and it is a challenge to place a NGFW in a multicast network optimally and testing NGFWs in terms of threat prevention such as web, malware and exploit attack prevention capabilities. In this study, we proposed a flexible testbed for the first time, that can evaluate NGFWs in terms of security and multicast networking performances. The most popular brand datacenter type NGFWs were also tested by using the testbed under various attacks and network designs. The results showed that NGFWs can be used as both rendezvous points in Layer 3 and bridge mode in Layer 2 in multicast networks successfully. Moreover, proposed testbed allows testing the security functions of NGFWs and benchmark them in terms of threat prevention performance.

尽管安全性对于诸如监视系统之类的承载智能的系统而言是关键问题，但仍被组播网络中的带宽利用所掩盖。下一代防火墙（NGFW）是最先进的网络安全设备，可以凭借其针对此问题的内容识别功能而成为解决方案。NGFW既是安全设备，又是网络设备，将NGFW最佳地放置在多播网络中并在Web，恶意软件和漏洞攻击防御功能等威胁防御方面对NGFW进行测试是一个挑战。在这项研究中，我们首次提出了一个灵活的测试平台，该平台可以在安全性和多播网络性能方面评估NGFW。还使用测试床在各种攻击和网络设计下对最受欢迎的品牌数据中心类型的NGFW进行了测试。结果表明，在组播网络中，NGFW既可以用作第3层的集合点，又可以用作第2层的桥接模式。此外，建议的测试平台可以测试NGFW的安全功能，并在威胁防御性能方面对它们进行基准测试。