Security Basics mailing list archives
RE: HW firewall for LAN
From: "McGill, Lachlan" <mcgilll1 () anz com>
Date: Wed, 3 Dec 2003 09:28:41 +1100
From Cisco Press:
PIX 506: SOHO, 10Mbps throughput, 400 simultaneous sessions, max 2 interfaces PIX 515: Small/medium business, 120Mbps throughput, 125,000 simultaneous sessions, max 6 interfaces PIX 520: Large enterprise business, 370Mbps throughput, 250,000 simultaneous sessions, max 6 interfaces PIX 525: Enterprise/Service Provider, 120Mbps throughput, 280,000 simultaneous sessions, max 8 interfaces PIX 535: Enterprise/Service Provider, 1Gbps throughput, 500,000 simultaneous sessions, max 10 interfaces I would suggest that a 525 would probably best fit your needs. -----Original Message----- From: Dan Duplito [mailto:danduplito () techie com] Sent: Tuesday, 2 December 2003 7:57 PM To: security-basics () securityfocus com Subject: HW firewall for LAN hi, forgive me if this is a newbie query -- i'm relatively new to the security industry. we're looking to getting a HW firewall between our LAN and internal servers, similar to the one we have for our DMZ. i'm just wondering if a Cisco PIX (515 or 525) firewall is not overkill for a 3000+ user-base LAN/WAN network (i've read the specs from Cisco site but nothing was mentioned regarding user-base limit/capacity for each firewall). traffic will mostly constitute the usual Internet, mail, dns and telnet/ssh access to the servers. is there a rule-of-thumb for determining the appropriate firewall CPU speed and memory for a particular number of users? TIA for the help and inputs, dan --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- HW firewall for LAN Dan Duplito (Dec 02)
- <Possible follow-ups>
- RE: HW firewall for LAN Shawn Jackson (Dec 02)
- RE: HW firewall for LAN McGill, Lachlan (Dec 02)
- RE: HW firewall for LAN Dan Duplito (Dec 03)
- Secure RPC Darragh O'Brien (Dec 03)