‘Network security and performance’ marked the ninth week of FIT5037. This is a logical extension of the previous weeks lecture of organizational level network security. There has traditionally been a mutual exclusivity between speed and security. This is most definitely a sore spot for many organizations, particularly when finding a degradation in performance after investing money! The lecture looked at common techniques that should be used to ensure convenience is not disproportional affected by security efforts. The notes outlined four key topics for the week:

  • Load balancing and firewalls
  • VPN and network performance
  • Network address translation [NAT] and load balancing
  • Network security architecture

Key awareness issues that were recurring through the lecture:

  • Security! – Does a software/hardware/architecture solution or combination of these provide sufficient security
  • Speed and availability – Do security solutions allow for the required level of service availability for operational requirements? Is service speed affected to an unacceptable extent?
  • Robustness – If one component fails, what are the repercussion for the rest of the network in terms of previous issues?
robustnetwork
Example of adjustments to design in consideration to organisational concerns (source: notes10)

The diagram above illustrates how the adoption of load balancers and multiple parallel firewalls suffices speed and robustness requirements.

The lecture went on to introduce the topics of protocol security and certain VPN solutions.