Thank you for your work on draft-ietf-bmwg-ngfw-performance. This is a straightforward review establishing metrics for comparison of SUT/DUT for firewalls establishing measurement requirements as well as acceptance criteria. When crypto is recommended for use in testing, it's current, although it should be noted that this is just for test environments. In terms of security, I think this document is ready with nits. Please add a security considerations section. Feel free to include something like what's above. Section 4.1: Nit Spell out Device under test/system under test on first use. I don't think it comes up that often in the IESG review cycle. I had to look it up and my memory was jogged. Sorry for my late 'early' review!