Re: Firewall bake-off?

[Carson Gaspar <carson () taltos org>]

Marcus J. Ranum wrote:

> This isn't intended as a bash at you, Kevin, because you're not the
> one who raised PPS as a measure of firewall performance (I think it
> was Carson) - but if someone starts talking about PPS as a firewall
> benchmark, they may as well hold up a big sign that reads:
> "I DO NOT UNDERSTAND WHAT A FIREWALL DOES"

Yup, that was I. In my defense, I was evaluating firewalls for market 
data traffic (among other things), where small packet rates and latency 
were important features, as was packet loss behaviour under load. The 
metric wasn't "which vendor is fastest", but rather "can we purchase a 
big enough box such that the performance is > x, and how much does said 
box cost?". Attempting to pry that data out of Checkpoint was next to 
impossible, because it made them look bad. If anyone wants to know to 
what lengths they went to weasel out of providing real performance data, 
buy me a drink some time.

-- 
Carson
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards