Re: Virtualisable Firewalls

[Gareth Batchelor <gareth () demon net>]

On Wed, Aug 23, 2000 at 11:14:28PM -0700, Brett Eldridge wrote:
 
> On Fri, 4 Aug 2000, Colin Horsington wrote:
>
> > We would like high bandwidth (500Mbps packet inspection/proxying) but we
> > would like to do this in one box if possible.
> >
> > To do this we would either need ATM interafces, or many-many ethernet
> > interfaces. If it were to be ATM then we would have a
> > incoming/outgoing IP interface (each having a seperate PVC/SPVC) and
> > firewall on each set. Thus we have a 622Mbps ATM link out of our core
> > network with many PVC's and firewall individual server farms/DSL
> > customers.
>
> the gig eth in - gig eth out w/ firewall policy dependent upon 802.1q tag
> isn't available commercially...yet.

Have a look at the Netscreen 1000:

http://www2.netscreen.com/pub/products/ns1000.html

It offers 802.1q VLAN tag support as well as virtual systems (multiple
security domains) so that you can have a separate policy for each
virtual system/VLAN.

Regards,
Gareth


_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards