Designing an integrated architecture for network content security gateways

Abstract

Increasing computer processing power has made it economically feasible to integrate multiple functions into a single gateway, but the industry remains divided over whether that is preferable to an all- in- one solution. Researchers in this area have primarily focused on enhancing performance. Little research, however, has examined integrated content security architectures. To address this issue, the authors integrated five popular open source content security packages. Using a set of external and internal benchmarks, they compared packet-flow performance during content inspection by combining a loosely integrated arrangement with a tightly integrated content security gateway. Their research indicated that this new architecture substantially reduces overhead in interprocess communications and kernel/ user space interactions. The study also revealed that the main bottlenecks of content processing are string matching in Web filtering and RAM disk access in mail processing.