Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Info Request: Looking for alternatives in HA/Load balancing firewalls that are also scalable and modular. . .

From: "Paul Melson" <pmelson () gmail com>
Date: Fri, 7 Apr 2006 16:06:42 -0400
-----Original Message-----
are also scalable and modular. . .


We're currently spec'ing functional requirements for a new web-based

implementation of a 

number of enterprise apps.  One obvious problem is the firewall system: it

needs to be both 

load-balancing and high-availability, AND scalable.  We're still getting a

feel for 

potential traffic, but we expect to have a requirement for in-line

expansion of the system 

while remaining online.


Sounds like a big firewall.  I'm curious, though, as to why load-balancing
is a requirement.  My experience has been that an appropriately-sized single
firewall as part of a fail-over pair is more reliable and performs better
than a comparable load-balanced firewall.  



One of the obvious candidates is the Nortel Alteon platform, but that 
also limits us to FW-1.   We're nowhere close to downselect on a 
platform or a firewall, but I'm looking for alternative platforms to start

getting info on, 

so we can make sure the requirements we develop can actually be

IMPLEMENTED in reality. . .

If it were me, I'd look at SPLAT with ClusterXL over Alteon.  You'll lay out
some dough for load-balancing with ClusterXL, but at least the hardware can
be (relatively) cheap.

The only other firewall vendor I can think of that does (or at least claims
to do) load-balancing is Symantec Enterprise Firewall.  However, you may
also want to look at third-party load-balancing solutions like Radware
FireProof or Foundry ServerIron.

PaulM


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: