Re: IBM secureway firewall

[firegod <firegod () cobal org>]

At 03:18 PM 12/4/2002 -0500, you wrote:


> Anyone has experience with this beast?  Anyone know the history of the
> product?

During my time at IBM's Universal Server Farm, I easily built over 60 of 
these (mostly around the time they did the version transition from Secure 
Network Gateway to calling it Secureway - around that time they gave it an 
interface that was very Gauntlet-ish and added a lot more app=proxy and VPN 
features changing it from what was basically a text file with ACL's). They 
used it there primarily as a packet filter. We didn't use any of the 
application proxy features, but I will agree with everyone else that for 
what it was, it was it worked fairly well. In the older versions there were 
a lot of gotchas trying to use the VPN features with NAT as well.

The problems that plagued us most with it - at least through version 4.x 
were mainly ones of throughput, it simply couldn't deal with a high amount 
of packets per second (it was a web server farm so most of the traffic was 
small packet, bursty traffic) it started dropping a lot of traffic between 
5k and 8k pps IIRC.




--
oOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOo
Anybody can be a non-drunk. It takes a special talent to be a
drunk. It takes endurance. Endurance is more important than
truth.
                                                -Bukowski
firegod () cobal org----------------xXx-----------------rob.havelt
        Witness! the now aging and in need of updating:
                        http://www.cobal.org/

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards