Implementation of a firewall can be a complex process, with multiple factors affecting overall performance. These should be considered over the course of the useful life of a firewall, including:

• Deployment use cases: Will the firewall be deployed to protect servers, desktop clients, or both?
• What does the traffic look like?
  • Concurrency and connection rates
  • Connections per second and capacity with different traffic profiles
  • Latency and application response times

There is usually a trade-off between security effectiveness and performance; a product’s security effectiveness should be evaluated within the context of its performance (and vice versa). This ensures that new security protections do not adversely impact performance and security shortcuts are not taken to maintain or improve performance.