Re: High Speed Firewalls

[ddhumphr <david () bbn com>]

Hmmm.  Aside from the I/F nomenclature misunderstanding, I'd suggest you talk to a
Netscreen rep..  Their ASIC design looks interesting, their rules are very
reasonable, their admin. interface is very usable, and their large server is heavy
throughput.  And no, there is no reason that most people would think to use such a
high speed device.

...but then most people don't work at ISP's.  Nor do they operate part of the
national backbone.  So most people won't see the need for one of these.  That does
not, however mean it does not exist, believe me.


Ace


Robert Graham wrote:

> I think their may be some confusion between "gigabit" and "gigabyte".
>
> Also, from your description, it sounds like you don't need a "firewall" but
> basic packet filtering. A Cisco router can handle gigabits/second and can carry
> out this basic level of filtering.
>
> A high-end commercial firewall is good when you have a huge series of security
> needs that you want centralized: dynamic filters, VPN, NAT, proxy, etc. It is
> an extremely poor solution if you need high-speed, basic static packet filters.
> Any commercial firewall is overkill for such simple needs; you'll like find
> what you need in a packet-filtering router.

--
David Humphrey
Network Consultant
Professional Services

GTE Technology Organization
10 Fawcett St.
Cambridge, MA 02138
e-mail: david () bbn com
tel: 617 873 7548
Pager:  888 548 5834 (5485834 () skytel com)