Firewall Wizards mailing list archives

Re: nokia firewalls

From: "Jerald Josephs" <jerald.josephs () iprg nokia com>
Date: Fri, 16 Jul 1999 09:20:13 -0700

Hello,

I would reply only to the question below, "does the load balancing work?"
in technical terms and leave it up to others to comment on the product I
support.

FireWall-1's connection control module is the mechanism available to
distribute incoming connections addressed to a virtual IP address across
a group of servers.  FireWall-1 on a Nokia platform supports both logical
servers of type HTTP and of type Other.

Other may be used for HTTPS connections if the logical server is also
put into Persistent mode.  Initially, I had a problem with this mode because
after a client was assigned a physical server that was subsequently removed,
this client could not connect to a new physical server until 30 minutes has
elapsed. The balancing method used was round-trip

However, you can change this timeout by modifying LOGICAL_CACHE_TIMEOUT
in $FWDIR/lib/table.def on the Management Server and pushing the policy to
the firewall(s).

Additionally, new connections (originating from other clients) to this
failed server will
be redirected to a new server after about 1 minute (default). This server
timeout for the
round-trip balancing method may be modified by adding

: logical_servers_timeout (n) (where n is seconds)

to the props: section of the objects.C file

Jerald.Josephs () IPRG Nokia COM
Senior Escalation Engineer               (888)477-9824 or (650)625-2525
Support Services                              http://support.iprg.nokia.com
Nokia IP Routing                              http://www.iprg.nokia.com


----- Original Message -----
From: Neil Lehrer <nlehrer () ibb gov>
To: <firewall-wizards () nfr net>
Sent: Thursday, July 15, 1999 11:39 AM
Subject: nokia firewalls

hi,

i am soliciting opinions on the nokia ip series firewalls.

how well do they work?
is fw-1 well integrated?
does the load balancing work?
do nokia and checkpoint corporate get along?
how is tech support?

anything else you would like to contribute.

thanks



--


regards

+++++++++++++++++++++++++++++++++++++++++++++++
+ Neil Lehrer
+
+ International Broadcasting Bureau
+ System Development Division
+
+ voice    202 619-2524
+ fax      202 619-3576
+ nlehrer () ibb gov
+
+ " is this crisis an opportunity or just
+   another grab the fire extinguisher moment?"
+
++++++++++++++++++++++++++++++++++++++++++++++++

Current thread:

nokia firewalls Neil Lehrer (Jul 15)
- Re: nokia firewalls Jerald Josephs (Jul 16)
- Re: nokia firewalls Carric Dooley (Jul 16)
  - Re: nokia firewalls Eric Hall (Jul 20)