| rfc9411v2.txt | rfc9411.txt | |||
|---|---|---|---|---|
| skipping to change at line 98 ¶ | skipping to change at line 98 ¶ | |||
| 7.3. HTTP Throughput | 7.3. HTTP Throughput | |||
| 7.3.1. Objective | 7.3.1. Objective | |||
| 7.3.2. Test Setup | 7.3.2. Test Setup | |||
| 7.3.3. Test Parameters | 7.3.3. Test Parameters | |||
| 7.3.4. Test Procedures and Expected Results | 7.3.4. Test Procedures and Expected Results | |||
| 7.4. HTTP Transaction Latency | 7.4. HTTP Transaction Latency | |||
| 7.4.1. Objective | 7.4.1. Objective | |||
| 7.4.2. Test Setup | 7.4.2. Test Setup | |||
| 7.4.3. Test Parameters | 7.4.3. Test Parameters | |||
| 7.4.4. Test Procedures and Expected Results | 7.4.4. Test Procedures and Expected Results | |||
| 7.5. Concurrent TCP/HTTP Connection Capacity | 7.5. Concurrent TCP Connection Capacity with HTTP Traffic | |||
| 7.5.1. Objective | 7.5.1. Objective | |||
| 7.5.2. Test Setup | 7.5.2. Test Setup | |||
| 7.5.3. Test Parameters | 7.5.3. Test Parameters | |||
| 7.5.4. Test Procedures and Expected Results | 7.5.4. Test Procedures and Expected Results | |||
| 7.6. TCP or QUIC Connections per Second with HTTPS Traffic | 7.6. TCP or QUIC Connections per Second with HTTPS Traffic | |||
| 7.6.1. Objective | 7.6.1. Objective | |||
| 7.6.2. Test Setup | 7.6.2. Test Setup | |||
| 7.6.3. Test Parameters | 7.6.3. Test Parameters | |||
| 7.6.4. Test Procedures and Expected Results | 7.6.4. Test Procedures and Expected Results | |||
| 7.7. HTTPS Throughput | 7.7. HTTPS Throughput | |||
| skipping to change at line 540 ¶ | skipping to change at line 540 ¶ | |||
| Note 3: In the event that the DUT/SUT is designed to not use ACLs, it | Note 3: In the event that the DUT/SUT is designed to not use ACLs, it | |||
| is acceptable to conduct tests without them. However, this MUST be | is acceptable to conduct tests without them. However, this MUST be | |||
| noted in the test report. | noted in the test report. | |||
| 4.2.1. Security Effectiveness Configuration | 4.2.1. Security Effectiveness Configuration | |||
| The selected security features (defined in Tables 2 and 3) of the | The selected security features (defined in Tables 2 and 3) of the | |||
| DUT/SUT MUST be configured effectively to detect, prevent, and report | DUT/SUT MUST be configured effectively to detect, prevent, and report | |||
| the defined security vulnerability sets. This section defines the | the defined security vulnerability sets. This section defines the | |||
| selection of the security vulnerability sets from the Common | selection of the security vulnerability sets from the Common | |||
| Vulnerabilities and Exposures (CVEs) list for testing. The | Vulnerabilities and Exposures (CVEs) list [CVE] for testing. The | |||
| vulnerability set should reflect a minimum of 500 CVEs from no older | vulnerability set should reflect a minimum of 500 CVEs from no older | |||
| than 10 calendar years to the current year. These CVEs should be | than 10 calendar years to the current year. These CVEs should be | |||
| selected with a focus on in-use software commonly found in business | selected with a focus on in-use software commonly found in business | |||
| applications, with a Common Vulnerability Scoring System (CVSS) | applications, with a Common Vulnerability Scoring System (CVSS) | |||
| Severity of High (7-10). | Severity of High (7-10). | |||
| This document is primarily focused on performance benchmarking. | This document is primarily focused on performance benchmarking. | |||
| However, it is RECOMMENDED to validate the security features | However, it is RECOMMENDED to validate the security features | |||
| configuration of the DUT/SUT by evaluating the security effectiveness | configuration of the DUT/SUT by evaluating the security effectiveness | |||
| as a prerequisite for performance benchmarking tests defined in | as a prerequisite for performance benchmarking tests defined in | |||
| skipping to change at line 1827 ¶ | skipping to change at line 1827 ¶ | |||
| The test equipment MUST start to measure and record all specified | The test equipment MUST start to measure and record all specified | |||
| KPIs. Continue the test until all traffic profile phases are | KPIs. Continue the test until all traffic profile phases are | |||
| completed. | completed. | |||
| Within the test results validation criteria, the DUT/SUT MUST reach | Within the test results validation criteria, the DUT/SUT MUST reach | |||
| the desired value of the target objective in the sustain phase. | the desired value of the target objective in the sustain phase. | |||
| Measure the minimum, average, and maximum values of the TTFB and | Measure the minimum, average, and maximum values of the TTFB and | |||
| TTLB. | TTLB. | |||
| 7.5. Concurrent TCP/HTTP Connection Capacity | 7.5. Concurrent TCP Connection Capacity with HTTP Traffic | |||
| 7.5.1. Objective | 7.5.1. Objective | |||
| Determine the number of concurrent TCP connections that the DUT/SUT | Determine the number of concurrent TCP connections that the DUT/SUT | |||
| sustains when using HTTP traffic. | sustains when using HTTP traffic. | |||
| 7.5.2. Test Setup | 7.5.2. Test Setup | |||
| The testbed setup MUST be configured as defined in Section 4. Any | The testbed setup MUST be configured as defined in Section 4. Any | |||
| specific testbed configuration changes (number of interfaces, | specific testbed configuration changes (number of interfaces, | |||
| skipping to change at line 2666 ¶ | skipping to change at line 2666 ¶ | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | |||
| 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | |||
| May 2017, <https://www.rfc-editor.org/info/rfc8174>. | May 2017, <https://www.rfc-editor.org/info/rfc8174>. | |||
| 10.2. Informative References | 10.2. Informative References | |||
| [CVE] CVE, "Current CVSS Score Distribution For All | ||||
| Vulnerabilities", <https://www.cvedetails.com/>. | ||||
| [fastly] Oku, K. and J. Iyengar, "QUIC vs TCP: Which is Better?", | [fastly] Oku, K. and J. Iyengar, "QUIC vs TCP: Which is Better?", | |||
| April 2020, <https://www.fastly.com/blog/measuring-quic- | April 2020, <https://www.fastly.com/blog/measuring-quic- | |||
| vs-tcp-computational-efficiency>. | vs-tcp-computational-efficiency>. | |||
| [RFC2544] Bradner, S. and J. McQuaid, "Benchmarking Methodology for | [RFC2544] Bradner, S. and J. McQuaid, "Benchmarking Methodology for | |||
| Network Interconnect Devices", RFC 2544, | Network Interconnect Devices", RFC 2544, | |||
| DOI 10.17487/RFC2544, March 1999, | DOI 10.17487/RFC2544, March 1999, | |||
| <https://www.rfc-editor.org/info/rfc2544>. | <https://www.rfc-editor.org/info/rfc2544>. | |||
| [RFC2647] Newman, D., "Benchmarking Terminology for Firewall | [RFC2647] Newman, D., "Benchmarking Terminology for Firewall | |||
| End of changes. 4 change blocks. | ||||
| 3 lines changed or deleted | 6 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||