Firewall Wizards mailing list archives

Re: cyberguard performance?

From: Mikael Olsson <mikael.olsson () clavister com>
Date: Sat, 28 Dec 2002 16:35:07 +0100


I don't know much about cyberguard in particular, but I do know
something about firewall throughput ...

ark () eltex ru wrote:


KS 1500 - 1.5Gbps performance
[...]
426 bytes for proxy instanse handling the connection, assuming there is
no OS at all ;-)


426 bytes is __NOT__ enough for full TCP reassembly and transmission.
It _might_ be enough for the TCP Control Block itself, but you need
somewhere between a couple of KB and 128 KB for a live TCP stream,
depending on connection throughput, packet reordering and packet loss.

Anyway, the performance figures you listed would lead me to believe
that it's doing stateful inspection and not proxying.

1.5Gbps stateful inspection (actually, a little bit more, with well-
optimized software) is doable with dual 66Mhz/64bit PCI buses, like
the Dell 1550/1650 has. (Hmm... 1U rack server.. :))

Is Cyberguard machine a generic Intel box?


Yes, it's a PC.  It runs a unix dialect that I can't quite 
remember right now.  SCO?

-- 
Mikael Olsson, Clavister AB
Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden
Phone: +46 (0)660 29 92 00   Mobile: +46 (0)70 26 222 05
Fax: +46 (0)660 122 50       WWW: http://www.clavister.com
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

cyberguard performance? ark (Dec 26)
- Re: cyberguard performance? Mikael Olsson (Dec 28)
  - Re: cyberguard performance? Mike Scher (Dec 29)
  - Re: cyberguard performance? David Lang (Dec 29)
    - Re: cyberguard performance? ark (Dec 30)
  - finding security threats Kilaru Sambaiah (Dec 30)
    - Re: finding security threats Devdas Bhagat (Dec 30)
  - Message not available
    - Re: finding security threats Marcus J. Ranum (Dec 30)