Abstract

Foundry Networks, Inc. commissioned The Tolly Group to evaluate the Layer 4 and Layer 7 performance of its ServerIron 450, as well as the ability of the switch to defeat wire-speed Gigabit-rate Denial of Service (DoS) attacks in the network without adversely affecting legitimate application traffic. The ServerIron 450 is a chassis-based intelligent Layer 4-7 application switch that provides load-balancing, content switching and advanced security functionality.

Tolly Group engineers subjected the ServerIron 450 to a quartet of tests: First, engineers measured the ServerIron 450’s connection rate performance using its Layer 4 TCP/HTTP load balancing, and then its Layer 7 URL switching. Engineers tested the ServerIron 450 against a range of object sizes from 256 bytes to 8,192 bytes in response to HTTP GET requests over each TCP connection. Engineers then tested the ServerIron 450’s throughput performance – the maximum HTTP throughput the switch can handle at the steady state using a range of HTTP object sizes. Next, the ServerIron 450 was subjected to a wire-speed Gigabit-rate DoS attack at 1.488 million TCP SYN packets per second to determine the effectiveness of the device in sheltering server farms from such malicious attacks with no degradation in legitimate application performance.