Network Performance And Modelling Computer Science Essay

Published:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Computer networks are typically a shared resource used by many applications for many different purposes. Sometimes the data transmitted between application processes is confidential, and the application users would prefer that others not be able to read it. A firewall is a specially programmed router that sits between a site and the rest of the network. It is a router in the sense that it is connected to two or more physical networks and it forwards packets from one network to another, but it also filters the packets that flow through it. A VPN is an example of providing a controlled connectivity over a public network such as the Internet. VPNs utilize a concept called an IP tunnel-a virtual point to-point link between a pair of nodes that are actually separated by an arbitrary number of networks. In this paper we set up a network where servers are accessed over the Internet by customers who have different privileges. We study how firewalls and VPNs can provide security to the information in the servers while maintaining access for customers with the appropriate privilege. Besides that, we had calculated and analyzed the waiting time in the queue for all the scenarios. There are three scenarios which are Firewall scenario, NoFirewall scenario and Firewall_VPN scenario. The experiment had been done by using OPNET Modeler 9.1.

INTRODUCTION

OPNET Modeler becomes an industry leader for simulator specialized in the development and network research field. It is used to design and study almost everything about communication networks, protocols, devices, and other applications with very good adjustability. OPNET modeler has a feature of graphical editor interface which allow you to build models for various network matters from the physical layer to the application processes. Each and every component in OPNET modeler is modeled in an object-oriented method which explains an easy mapping to the real systems. It is used very flexible platform to allow you to test your ideas and solutions with less amount and cost.

OPNET modeler software provides a Virtual Environment that simulates the reaction of our entire network, including its protocols, servers, routers, switches, cables and the applications as well. It allows you to design and study communication networks, devices and applications with great flexibility. By working in the Virtual Network Environment, IT engineers, network designers and system planners are able to diagnose and analyze difficult problems more effectively. By using OPNET simulation we can save time and money by test changes performance on our network before we implement them.

Objective

The objectives of this study are:

To study the role of firewalls and Virtual Private Networks (VPNs) in providing security to shared public networks such as the Internet.

To calculate and analyze the waiting time for Firewall scenario, NoFirewall scenario and Firewall_VPN scenario.

Literature Review

1.2.1 Firewall

A firewall is a specially programmed router that sits between a site and the rest of the network. It is a router in the sense that it is connected to two or more physical networks and it forwards packets from one network to another, but it also filters the packets that flow through it. A firewall allows the system administrator to implement a security policy in one centralized place. Filter-based firewalls are the simplest and most widely deployed type of firewall. They are configured with a table of addresses that characterize the packets they will and will not forward.

Firewalls are multi-homed servers with routing capabilities that are aimed to protect the local networks against unauthorized accesses. Firewalls contain proxy servers which determine the firewalls security policies for the corresponding applications. If a firewall does not have the proxy server of a certain application then this application is not allowed through the firewall. Proxy servers may introduce some additional processing delay to the forwarded packets, or just forward them without any proxy server latency (circuit level filtering) depending on the application that the datagram belong to. It also specifies whether there is an additional latency introduced to the datagram by the proxy servers, and which characteristics it has.

1.2.2 Virtual Private Network (VPN)

A VPN is an example of providing a controlled connectivity over a public network such as the Internet. VPNs utilize a concept called an IP tunnel, a virtual point-to-point link between a pair of nodes that are actually separated by an arbitrary number of networks.

The virtual link is created within the router at the entrance to the tunnel by providing it with the IP address of the router at the far end of the tunnel. Whenever the router at the entrance of the tunnel wants to send a packet over this virtual link, it encapsulates the packet inside an IP datagram. The destination address in the IP header is the address of the router at the far end of the tunnel, while the source address is that of the encapsulating router.

METHODOLOGY

2.0 Create a New Project

1. Start OPNET Modeler 9.1 ⇒ Choose New from the File menu.

2. Select Project and click OK ⇒ Name the project according to the group name. For example, the project names BZH_VPN, and the scenario NoFirewall ⇒ Click OK.

3. Click Quit on the Startup Wizard.

4. To remove the world background map, select the View menu ⇒ Background ⇒ Set Border Map ⇒ Select NONE from the drop-down menu ⇒ Click OK.

2.1 Create and Configure the Network

2.1.1 Initialize the Network

1. Open the Object Palette dialog box. Make sure that the internet_toolbox item is selected from the pull-down menu on the object palette.

2. Add the following objects, from the palette, to the project workspace as shown in Figure: Application Config, Profile Config, an ip32_cloud, one ppp_server and three ethernet4_slip8_gtwy routers.

3. Add two ethernet_station hosts from ethernet item on the object palette.

4. Rename the objects added and connect those using PPP DS1 links except for the connection between router and node. Connect between router and node by using Ethernet 100BaseT link as shown below:

5. Save the project.

2.1.2 Configure the Nodes

1. Right-click on the Applications node ⇒ Edit Attributes ⇒ Assign Default to the Application Definitions attribute ⇒ Click OK.

2. Right-click on the Profiles node ⇒ Edit Attributes ⇒ Assign Sample Profiles to the Profile Configuration attribute ⇒ Click OK.

3. Right-click on the Server node ⇒ Edit Attributes ⇒ Assign All to the Application: Supported Services attribute ⇒ Click OK.

4. Right-click on the Sales A node ⇒ Select Similar Nodes (make sure that both Sales A and Sales B are selected).

i. Right-click on the Sales A node ⇒ Edit Attributes ⇒ Check the Apply Changes to Selected Objects check-box.

ii. Expand the Application: Supported Profiles attribute ⇒ Set rows to 1 ⇒ Expand the row 0 hierarchy ⇒ Profile Name = Sales Person.

iii. Click OK.

5. Save the project.

2.2 Choose the Statistics

Right-click on the Ethernet 100BaseT link ⇒ Choose Individual Statistic.

At the Choose Results tab, Choose Point-to-Point.

Select parameters which are:

Throughput (packets/sec) 

Throughput (packets/sec) 

Utilization 

Utilization 

Click OK and then save the project.

2.3 The Firewall Scenario

1. Select Duplicate Scenario from the Scenarios menu and name it Firewall ⇒ Click OK.

2. In the new scenario, right-click on Router C ⇒ Edit Attributes.

3. Assign ethernet2_slip8_firewall to the model attribute.

4. Expand the hierarchy of the Proxy Server Information attribute ⇒ Expand the row 1, which is for the Database application, hierarchy ⇒ Assign No to the Proxy Server Deployed attribute as shown in Figure.

5. Click OK and then save the project. The Firewall scenario is shown in Figure.

2.4 The Firewall_VPN Scenario

1. While in the Firewall scenario, select Duplicate Scenario from the Scenarios menu and give it the name Firewall_VPN ⇒ Click OK.

2. Remove the link between Router C and the Server.

3. Open the Object Palette dialog box. Make sure that the opened palette is the one called internet_toolbox.

i. Add to the project workspace one ethernet4_slip8_gtwy and one IP VPN Config (as shown in Figure).

ii. From the Object Palette, use two PPP DS1 links to connect the new router to Router C (the firewall) and to the Server, as shown in Figure.

iii. Close the Object Palette dialog box.

4. Rename the IP VPN Config object to VPN.

5. Rename the new router to Router D.

2.4.1 Configure the VPN:

1. Right-click on the VPN node ⇒ Edit Attributes.

i. Expand the VPN Configuration hierarchy ⇒ Set rows to 1 ⇒ Expand row hierarchy ⇒ Edit the value of Tunnel Source Name and write down Router A ⇒ Edit the value of Tunnel Destination Name and write down Router D (as shown in Figure).

ii. Expand the Remote Client List hierarchy ⇒ Set rows to 1 ⇒ Expand row 0 hierarchy ⇒ Edit the value of Client Node Name and write down Sales A.

iii. Click OK and then save the project.

2.5 Run the Simulation

To run the simulation for the three scenarios simultaneously:

1. Go to the Scenarios menu ⇒ Select Manage Scenarios.

2. Change the values under the Results column to <collect> (or <recollect>) for the three scenarios. Use the Sim Duration (10 hours) as shown in Figure.

3. Click OK to run the three simulations.

4. After the three simulation runs complete, one for each scenario, click Close ⇒ Save the project.

2.6 View the Results

To view and analyze the results:

1. Select Compare Results from the Results menu.

2. Change the drop-down menu in the middle-lower part of the Compare Results dialog box from As Is to time_average as shown in Figure.

3. To view the utilization between router and node, expand the Object Statistics hierarchy ⇒ Expand the Router A <-> node_1 [0] hierarchy ⇒ Select the point-to-point ⇒ Choose utilization  statistic.

4. To view the throughput, expand the Object Statistics hierarchy ⇒ Expand the Router A <-> node_1 [0] hierarchy ⇒ Select the point-to-point ⇒ Choose throughput (packets/sec)  statistic.

6. Click Show to display the graph.

RESULTS AND FINDINGS

3.1 Time_Average in Point-to-point Utilization for NoFirewall Scenario

Experiment result as shown in figure above is derived from the simulation of NoFirewall scenario. The average of utilization for this scenario is 0.0005737.

3.2 Time_Average in Point-to-point Utilization for Firewall Scenario

Experiment result as shown in figure above is derived from the simulation of Firewall scenario. The average of utilization for this scenario is 0.0006072.

3.3 Time_Average in Point-to-point Utilization for Firewall_VPN Scenario

Experiment result as shown in figure above is derived from the simulation of Firewall_VPN scenario. The average of utilization for this scenario is 0.0006535.

3.4 Comparison of Time_Average in Point-to-point Utilization for All Scenarios

Experiment result as shown in figure above is derived from the simulation of all scenarios which are NoFirewall scenario, Firewall scenario and Firewall_VPN scenario. It shows that Firewall_VPN scenario has higher utilization compared to the other two scenarios.

3.5 Time_Average in Point-to-point Throughput (packets/second) for NoFirewall Scenario

Experiment result as shown in figure above is derived from the simulation of No Firewall scenario. The average of throughput for this scenario is 0.01004166667.

3.6 Time_Average in Point-to-point Throughput (packets/second) for Firewall Scenario

Experiment result as shown in figure above is derived from the simulation of Firewall scenario. The average of throughput for this scenario is 0.09494444.

3.7 Time_Average in Point-to-point Throughput (packets/second) for Firewall_VPN Scenario

Experiment result as shown in figure above is derived from the simulation of Firewall_VPN scenario. The average of throughput for this scenario is 0.089138888.

3.8 Comparison of Time_Average in Point-to-point Throughput (packets/second) for All Scenarios

Experiment result as shown in figure above is derived from the simulation of all scenarios which are NoFirewall scenario, Firewall scenario and Firewall_VPN scenario. It shows that Firewall_VPN scenario has more higher throughput compared to Firewall and NoFirewall scenario.

ANALYSIS

In order to get some prove from our experiment, we have to do some calculation to analyze the output that we get from the graph. From our statistical value that we set up in the OPNET experiment, we use to get the parameter value for Throughput and Utilization. By using this parameter, we can see the Queuing Delay (Waiting Time) that occurs in every scenario that we want to analyze.

Here is our formula to calculate the Delay that occurs in all the three scenarios.

Waiting time in the queue, WQ Waiting time in the system, W

WQ = ρ ÷ (µ( 1 - ρ)) W = 1 ÷ (µ( 1 - ρ))

4.1 No Firewall Scenario

Below is the calculation for Delay when we use No Firewall scenario.

Throughput, µ = 0.1004166667 p/sec

Utilization, ρ = 0.0005737

W = 1 ÷ (0.1004166667 (1 - = 0.0005737))

= 9.96 sec

WQ = 0.0005737 ÷ (0.1004166667 (1 - = 0.0005737))

= 0.005716 sec

4.2 Firewall Scenario

Below is the calculation for Delay when we use Firewall scenario.

Throughput, µ = 0.09494444 p/sec

Utilization, ρ = 0.0006072

W = 1 ÷ (0.09494444 (1 - 0.0006072))

= 10.59 sec

WQ = 0.0006072÷ (0.09494444 (1 - 0.0006072))

= 0.006399 sec

4.3 Firewall VPN Scenario

Below is the calculation for Delay when we use Firewall_VPN scenario.

Throughput, µ = 0.089138888 p/sec

Utilization, ρ = 0.0006535

W = 1 ÷ (0.089138888 (1 - 0.0006535))

= 11.23 sec

WQ = 0.0006535 ÷ (0.089138888 (1 - 0.0006535))

= 0.007336 sec

4.4 Scenarios Result

Scenario

Throughput, µ (p/sec)

Utilization, ρ

WQ (sec)

W (sec)

NoFirewall

0.1004166667

0.0005737

0.005716

9.96

Firewall

0.09494444

0.0006072

0.006399

10.59

Firewall_VPN

0.089138888

0.0006535

0.007336

11.23

Comparison Table

From the table above, we can make a comparison for the waiting time that occurs in three scenarios. The three scenarios consist of the No Firewall scenario, Firewall scenario and Firewall VPN scenario. No Firewall scenario is the design that is not using the firewall, where that design only use a simple connection. The Firewall scenario is the design that is using the Firewall Hardware where the entire packet will pass through the Firewall filtering first. The third one is the Firewall VPN scenario where this scenario is includes with Firewall and VPN server. The WQ shows the value for the waiting time or delay.

As we can see in the comparison table, the waiting time for No Firewall scenario is the lowest compared the other two. Where the second one is the Firewall scenario and the third scenario that have more waiting time is Firewall VPN.

A Firewall actually is a specially programmed router that sits between a site and the rest of network. It is a router in the sense that it is connected to two or more physical networks and it forward packets from one network to another, but it also filter the packets that flow through it.

Following this experiment, the result shows that when there is no filtering for the packet, the delay is lowest. As we can see in No Firewall scenario result, the waiting time is only 0.005716 sec.

When we have a filtering application like Firewall in another scenario which is for Firewall Scenario, the delay is more than No Firewall scenario. The result for waiting time is 0.006399 sec. This value shows that, when we do some filtering for the packets, the waiting time will be more that the scenario without filtering session.

A VPN is an example of providing a controlled connectivity over a public network such as the Internet. VPN utilize a concept called an IP tunnel-a virtual point-to-point link between a pair of nodes that are actually separated by an arbitrary number of networks.

The statement about VPN shows that the VPN do some connectivity control. Where the VPN will have some control for the network. Following our result for Firewall VPN scenario shows that the delay is more than No Firewall scenario and Firewall scenario. The waiting time for Firewall VPN scenario is 0.007336 sec. This result shows that the VPN is making some more delay for the network.

Analyzing the queuing delay in a certain network is important to deliver the packet in a better way. The analysis also can persuade the entire network design to consider the effect of delay that always occurs in systems.

CONCLUSION

In conclusion, our experiment showed that Firewall_VPN scenario has more waiting time (queuing delay) compared to other scenarios. This is because the implementation of security features such as firewall and VPN in Firewall_VPN scenario.

Writing Services

Essay Writing
Service

Find out how the very best essay writing service can help you accomplish more and achieve higher marks today.

Assignment Writing Service

From complicated assignments to tricky tasks, our experts can tackle virtually any question thrown at them.

Dissertation Writing Service

A dissertation (also known as a thesis or research project) is probably the most important piece of work for any student! From full dissertations to individual chapters, we’re on hand to support you.

Coursework Writing Service

Our expert qualified writers can help you get your coursework right first time, every time.

Dissertation Proposal Service

The first step to completing a dissertation is to create a proposal that talks about what you wish to do. Our experts can design suitable methodologies - perfect to help you get started with a dissertation.

Report Writing
Service

Reports for any audience. Perfectly structured, professionally written, and tailored to suit your exact requirements.

Essay Skeleton Answer Service

If you’re just looking for some help to get started on an essay, our outline service provides you with a perfect essay plan.

Marking & Proofreading Service

Not sure if your work is hitting the mark? Struggling to get feedback from your lecturer? Our premium marking service was created just for you - get the feedback you deserve now.

Exam Revision
Service

Exams can be one of the most stressful experiences you’ll ever have! Revision is key, and we’re here to help. With custom created revision notes and exam answers, you’ll never feel underprepared again.