IDS mailing list archives
RE: radware IDS load balancer
From: simon.thornton () swift com
Date: Tue, 17 Dec 2002 10:11:19 +0100
Hi,

I just finished evaluating the RadWare fireproof in comparison to the TopLayer IDS balancer and F5 product. The model I used was the 5Gb/16FE with Gb fibre modules. The only issue I had initially was related to the firmware version, 2.51.04, which did not support port based forwarding.

One area where the fireproof and toplayer switches differ is in how you define which traffic gets sent/balanced to which ports. On the toplayer the default mode is to forward one or more ports (all traffic) to one or more sensors. On the fireproof, with the firmware I had, all you could define was forwarding based on IP address, which makes combining diff. network segments (DMZ, DB LAN etc) onto the same switch with diff. IDS sensors tricky. The firmware upgrade to v2.53.07 brings it to the same level of functionality as the toplayer.

The only GUI interface inconsistency is between the web interface and configware: some of the options are not available on the web interface.

For management of the box you have:

- configware (SNMP v1 based)
- web interface
- SSH
- Telnet

(these can be disabled as needed)

Configware is Java based, using SNMP v1 to access the radware; it can be installed on almost any JVM; tested under Windows, Solaris and Linux. Care should be taken in configuring the initial SNMP communities, using something simple initially and then changing it using either the web or configware interfaces.

If you take the fireproof, I have two recommendations:

1. Upgrade the firmware to the latest version, 2.53.07 or later
2. Upgrade configware to v1.77 or later

The latter upgrade helps as it puts all of the IDS balancing functions into the same menu group (the policies were separate originally).

The areas where the TopLayer scores better are in its reporting capabilities; if you want stats showing the breakdown of the traffic, you have it. Secondly, the ASIC Flow-switch design is IMHO superior to the software design used by Radware.

If you consider that the Toplayer IDS Balancer is a cut down app. switch whereas the Fireproof is a full L7 application switch, the difference in price is easier to understand. The fireproof is closer to the app. switch offering of Toplayer than the IDS balancer.

In terms of ports, the IDS Balancer A3532 has 2x 1000 base SX ports plus 12x 10/100 FE in 2U; the top range fireproof is 5x 1000base SX plus 16x 10/100 FE in 1U. For port density in a rack, the fireproof is superior. One item to note: on each machine you will lose one FE port for managing the device.

I like both switches but when it comes to price/port density, the Radware fitted my requirements more than the toplayer.

Rgds,
Simon

---------------------------------------------------------------
BTW, FWIW, IMHO, AFAIK, yes. OTOH, AAMOF, maybe not. YMMV

-----Original Message-----
From: Stone Cold [mailto:scold () stackheap org]
Sent: Monday, December 16, 2002 17:44
To: focus-ids () securityfocus com
Subject: radware IDS load balancer

I'm checking out a Radware loadbalancer and was wondering if anyone else out there has any experience with or comments about it. Specifically, I'm looking into the "Out of Path" network design with which I want to take a Gig fiber input, and load balance to multiple FE sensors. Just wondering how this product is holding up for others.
Current thread:
- radware IDS load balancer Stone Cold (Dec 16)
- RE: radware IDS load balancer simon . thornton (Dec 17)
- <Possible follow-ups>
- RE: radware IDS load balancer SEdwards (Dec 17)