Firewall Wizards mailing list archives

Re: Firewall scaling

From: Ian Searle <ians () potatoplanet org>
Date: Wed, 27 Jun 2007 11:09:33 -0700

Um.... I used to work at a firewall company and with each new release  
I would monitor the product's performance.  We easily had 100-200  
users behind this particular firewall, including a mail-server and I  
NEVER saw the number of connections get anywhere near 32,000.  1/3 to  
1/5 of that number is more like it.

It doesn't sound like you are dealing with very experienced people.   
Perhaps the best you can do is gather anecdotal evidence (like this)  
and use that?

----------
Ian Searle
ians () potatoplanet org

P.S.  There were times when I would send and email to "all@...."  
asking everyone to surf the web all at the same time.  Still, we  
never hit anything like 32k connections.


On Jun 26, 2007, at Jun/26 - 10:49 PM, rgolodner () infratection com wrote:

     Sami, it also depends on what type of traffic you are jamming  
down theone wan link. If you have any type of mail server behind  
your firewall, you may move up to that 32000 ceiling real quick.  
Provide a little more information and this list will help you out.  
With that many users and not knowing traffic types or amounts it is  
hard to give you a decent rationale for your argument.

Richard Golodner

-----Original Message-----
From: Sami Ghourabi [mailto:sami.ghourabi () online-netsecurity com]
Sent: Saturday, June 23, 2007 07:40 AM
To: firewall-wizards () listserv cybertrust com
Subject: [fw-wiz] Firewall scaling

Hi List,

I'm trying to convince management that a firewall that supports 32000
concurrent sessions is enough for an organization that has a

single WAN

internet link, and about 60-100 users, but I'm lacking arguments.

What do you think about that statement? Are there any rational

methods

available for firewall performance scaling (concurrent sessions, new
sessions per second, throughput, etc.)

Any answer/resource appreciated.

Best Regards.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Firewall scaling Sami Ghourabi (Jun 26)
- Re: Firewall scaling Marcus J. Ranum (Jun 27)
- Re: Firewall scaling sin (Jun 27)
  - Re: Firewall scaling jason (Jun 27)
    - Re: Firewall scaling Pollock, Joseph (Jun 27)
- Re: Firewall scaling K K (Jun 27)
- <Possible follow-ups>
- Re: Firewall scaling rgolodner (Jun 27)
  - Re: Firewall scaling Ian Searle (Jun 27)
- Re: Firewall scaling Keith A. Glass (Jun 27)