Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: 1Gb/s 3DES (Was RE: Firewall Throughput)

From: "Volker Tanger" <Volker.Tanger () globalone net>
Date: Thu, 14 Sep 2000 16:36:41 +0200
Greetings!

Ben Nagy wrote:


-----Original Message-----
From: JVBrown [mailto:jvbrown () gte net]
Sent: Wednesday, 13 September 2000 11:26 AM
Subject: RE: [fw-wiz] Firewall Throughput

[snip]

The NS1000 specifications are as follows...these are the
industry standards
in FW Throughput.

Ø 1Gb/s stateful-inspection NAT firewall
Ø 1Gb/s 3DES VPN

[snip]


You'll forgive me for being sceptical, but that's a _lot_ of 3DES
throughput.


For comparison:  according to the Checkpoint, the raw packet throughput of
its own Firewall-1 does not exceed 250 MBit/s
(http://www.checkpoint.com/products/firewall-1/pbrief.html).   3DES
throughput even with hardware 3DES accelerator
(http://www.checkpoint.com/products/vpn1/vpn1perfdata.html) does not exceed
60 MBit/s.

A difference by factor 4 with raw throughput is believable - but for factor
20 against hardware accelerated VPN I'd like to be doubtful, too.

Bye
    Volker


--

Volker Tanger  <volker.tanger () globalone net>
--------------------------------------------
Sr. Security Engineer  Tel. +49-69-92901-570
--------------------------------------------
Global One
  Global Security
    Global Service Engineering



_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: