Re: [fw-wiz] Firewall scaling



Um.... I used to work at a firewall company and with each new release
I would monitor the product's performance. We easily had 100-200
users behind this particular firewall, including a mail-server and I
NEVER saw the number of connections get anywhere near 32,000. 1/3 to
1/5 of that number is more like it.

It doesn't sound like you are dealing with very experienced people.
Perhaps the best you can do is gather anecdotal evidence (like this)
and use that?

----------
Ian Searle
ians@xxxxxxxxxxxxxxxx

P.S. There were times when I would send and email to "all@...."
asking everyone to surf the web all at the same time. Still, we
never hit anything like 32k connections.


On Jun 26, 2007, at Jun/26 - 10:49 PM, rgolodner@xxxxxxxxxxxxxxxx wrote:

Sami, it also depends on what type of traffic you are jamming
down theone wan link. If you have any type of mail server behind
your firewall, you may move up to that 32000 ceiling real quick.
Provide a little more information and this list will help you out.
With that many users and not knowing traffic types or amounts it is
hard to give you a decent rationale for your argument.

Richard Golodner

-----Original Message-----
From: Sami Ghourabi [mailto:sami.ghourabi@xxxxxxxxxxxxxxxxxxxxxx]
Sent: Saturday, June 23, 2007 07:40 AM
To: firewall-wizards@xxxxxxxxxxxxxxxxxxxxxxx
Subject: [fw-wiz] Firewall scaling

Hi List,

I'm trying to convince management that a firewall that supports 32000
concurrent sessions is enough for an organization that has a
single WAN
internet link, and about 60-100 users, but I'm lacking arguments.

What do you think about that statement? Are there any rational
methods
available for firewall performance scaling (concurrent sessions, new
sessions per second, throughput, etc.)

Any answer/resource appreciated.

Best Regards.

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



Relevant Pages

  • Which firewall is best ?
    ... I am looking for Firewall for one of sites in INDIA. ... Concurrent Sessions --- 500,000 ... Authentication based User Web Access ... Fragmented Packet Reassembly ...
    (comp.security.firewalls)
  • Re: [fw-wiz] Firewall scaling
    ... I'm trying to convince management that a firewall that supports 32000 ... concurrent sessions is enough for an organization that has a single WAN ... internet link, and about 60-100 users, but I'm lacking arguments. ...
    (Firewall-Wizards)
  • [fw-wiz] Firewall scaling
    ... I'm trying to convince management that a firewall that supports 32000 ... concurrent sessions is enough for an organization that has a single WAN ... internet link, and about 60-100 users, but I'm lacking arguments. ...
    (Firewall-Wizards)
  • Re: [fw-wiz] Firewall scaling
    ... I'm trying to convince management that a firewall that supports 32000 ... concurrent sessions is enough for an organization that has a single WAN ... internet link, and about 60-100 users, but I'm lacking arguments. ...
    (Firewall-Wizards)
  • Re: Firewall for a web farm
    ... You need to identify how many concurrent sessions are being initiated ... across your firewall before you make a blind decision. ... Also consider something that is definitely a true security ...
    (comp.security.firewalls)