Deep Packet Inspection in Firewall Clusters

Robert Hamilton, Wayne Gray, Clifford Sibanda, Subbiah Kandasamy, Raimund Kirner, Athanasios Tsokanos

Research output: Chapter in Book/Report/Conference proceedingConference contribution


Clusters of firewalls is an architecture that can enhance cyber security and protect from network attackers. Deep Packet Inspection (DPI) is a sophisticated method used in firewalls to stop malicious activity within a network. However, DPI creates a performance drawback in terms of further processing and associated latency. There are very few published realistic experiments on firewall clusters and to the best of our knowledge, this is the first time that a study with real network equipment under realistic network conditions has measured and evaluated firewall clusters against single firewalls using DPI. We measured the induced latency while varying data traffic conditions such as speed and packet payload sizes. Our results clearly identify and quantify the conditions and architectures where deterioration in performance is quite significant. Our measurements show that in some cases the use of firewall clusters or DPI can increase latency and/or reduce speed by more than 10%. This new contribution to knowledge can help engineers and researchers when designing a network.
Original languageEnglish
Title of host publicationProc. 28th Int'l Telecommunications Forum (TELFOR)
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Number of pages4
Publication statusPublished - 30 Nov 2020


  • networking
  • firewall
  • deep packet inspection


Dive into the research topics of 'Deep Packet Inspection in Firewall Clusters'. Together they form a unique fingerprint.

Cite this