Traffic Management and Security Based on Priority Queueing and Multicore Firewall Implementation

We consider the telematics appliances, such as firewall, as a basic part of security system with specific preemptive priority queuing and access control algorithm oriented on multi-core implementation. Proposed randomized push-out buffer management mechanism with α parameter allows tuning very efficiently the loss probability of priority packets and the time they spend in queue as the factors used for firewall configuration. The packet losses probabilities for priority and non-priority traffic are calculated using the generating function approach and apply to network security policy. We suggest appointing parameter α to each virtual connection according to a security service policy. The service of each connection in firewall is done in correspondence with this parameter and if α=0 then packets pass our device without changes and delays with standard best effort mechanism, if 0<α<1 some packets are delayed/dropped and if α=1 all packets of virtual connection are prohibited.