Security apparatuses are considered to be one of the key elements within a data center Service-Oriented Architecture (SOA) infrastructure due to friendly deployment, testing, and performance. Specifically, preventive/security apparatuses are security devices administrating network delivery based on traffic rules. Traditional packet filtering may be less effective for intrusion prevention. Other than header processing, content inspections are widely performed to authorize content transmissions. Preventive/security apparatuses also provide mission critical web service security. Hence, an SOA apparatus performance assurance is one of the service objectives within a data center.
Within a preventive/security apparatus system life cycle, the properties of a performance measurement hold a partially observable and stochastic task environment due to incomplete environmental data collection, input, and uncertainty of future states. In addition, the performance measurement is a dynamic and sequential task, since a current load can influence performance predictions and consequently impact future sizing and planning.
Moreover, diversified vendor specific architectures and implementations pose a challenge to a finite experimental environment used to model security apparatus performance. Exploratory actions, such as production probing, may be limited by the time frame of the execution and overhead of management traffics. In addition, traditional apparatus benchmark tests require data collections depend upon programming languages, compilers and hardware platforms. A single benchmark result may not predict apparatus service levels. Furthermore, a single benchmarking may not substantiate a bound analysis and hypothesis. With modern components, systems, software and operating systems, it may be even harder to gauge the accuracy of an intuitive model from experts or experience. Also, scientific methods such as simulation models require low-level development of emulation programs and validation against a probabilistic distribution of job or task workloads. However, analytic models are abstracted by less detailed algorithmic operations to generate the output of expected performance measures for a set of workload input parameters. Hence, approximate analytic models are acceptable for capacity analysis and planning for an SOA apparatus deployment.
With regards to performance evaluation, both qualitative and quantitative studies are influential analysis strategies. In the field of qualitative research, a theoretical foundation has been proposed to unify and extend the analytic models of a computer system as a general queuing model. The model is motivated by the abstraction of a computer system as a network of a set of computational resources (service centers), a collection of jobs or tasks (customers), and an interconnection of a network of queues. In addition, the queue sizes of the different classes of customers, utilization of the service centers, response time for customers and throughput of the customers may be the key performance measurable of the derived model.
Such a queue model of these networked systems are referred to as a Queuing Network model. The Queuing Network model may be a qualitative evaluation based on performance aspects through the life cycle of a computer system. However, the mapping between a real system and a Queuing Network model is a non-trivial task since a model should abstract out some complexities and consider essential aspects contributing to a generalized overview of a real system.
Within quantitative studies, one influential research discovered operational laws about quantitative relationships based upon established performance measures of a real system. For example, the Utilization Law defines the relationship between resource utilization and throughput. The Service Demand Law is associated with system throughput and resource utilization. The Forced Flow Law relates a resource throughput with a system throughput. According to Little's Law, resource response time may be associated with resource throughput and the number of customers. According to the Interactive Response Time Law, a system average response time depends upon system throughput. Practical models built upon these operational laws have been applied to routine performance engineering.
Other performance studies proposed that a performance model and workload model should evolve through the life cycle of system development for future performance predictions and estimations. It is with respect to these considerations and others that the current invention is directed.