Re: [fw-wiz] 10Gb Firewalls


take a look on Cisco ASA 5580-40 Firewall Edition 4 x 10GE Bundle.
• 10 Gbps Firewall
• 1 Gbps IPsec VPN

CISCO Part. No. ASA5580-40-10GE-K9

Hf, Jens

Kerry Milestone schrieb:
Hello kind Wizards,

I am investigating the possibilities of putting a firewall on the end of a 10Gb link. I'd like to be able to inspect at 10Gb wirespeed. As this is a scoping project (though it _has_ to happen due to the nature of projects in the institute), cost is not the main issue. I've come across the Nortel Switched Firewall 6000, however this 'only' does 6Gb throughput.

Alternatively, we have several firewalls which work at 1Gb and are wondering if its a better to chanelize [sic] and put say 10 firewalls each dealing with different traffic. In coming years, IP based VPN's to other sites will become more used - and more 10Gb links to site perhaps building up to a 40Gb WAN backbone. We currently have an IDS which will can handle this much volume.

The next question, is extending the SAN. If using iSCSI, is it better to leave this traffic off the firewall and just route it through, say a GRE tunnel without encryption?

Would be keen to hear any thoughts on the theory of what I want to do. Implementation is not so difficult, really after some 'best practices' thoughts.

Many thanks,

