On Wed, 31 Mar 1999, Mike Bost wrote:
:When using a router (Cisco 7500 series) as a Packet Filtering firewall,
:what is the best way to measure actual throughput? With an ACL that is
:huge, is there any measurable degradation of service? I have been told
:that there are some tools which can perform offline assessments of the
:efficiency of the placement of the rule statements, but unfortunatly have
:not been able to locate said resource.
:Thank you for your time
I'm assuming that you haven't looked at MRTG at:
http://ee-staff.ethz.ch/~oetiker/webtools/mrtg/mrtg.html
This is ideal for monitoring throughput on interfaces via snmp.
Otherwise if you are using Netflow, you can use cflowd which
is available, among others, at http://www.caida.org/Tools/ .
HTH,
-j
--
jamie.reid
Chief Reverse Engineer
Superficial Intelligence Research Division
Defective Technologies
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
