Eli,
NAT shouldn't be a big impact on the performance of your firewall.
It can lead to some overhead but not much.
Rules aren't a blocking issue and can be as many as you want.
Afterall it depends on the amount of traffic the firewall has to route
(and translate if you use NAT) between the different networks. If
you have just a 512kb lease line then the firewall should cope it
all (also depends on the hardware and amount of traffic).
The higher the bandwidth and potential traffic then it's possible that
the firewall does not have enough resources to do it's job.
Conclusion:
It all depends on all kinds of things to say "that can result in
performance" but in general NAT and the amount of rules shouldn't
be such an issue. It all depends on hardware and the amount
of throughput / network speed.
Regards,
Brenno
> -----Original Message-----
> From: Eli Kamhine [SMTP:[EMAIL PROTECTED]]
> Sent: donderdag 14 juni 2001 10:08
> To: '[EMAIL PROTECTED]'
> Subject: (no subject)
>
> Hi,
>
> We are using Checkpoint's firewall-1.
> I would like to use the NAT function.
> Does enabling NAT functionality have a high impact on the firewall's
> performance?
> How many rules (every rule is relevant to one IP address) are "feasible"
> (just in an order of magnitude) while keeping the
> performance reasonable?
>
> Thank you for you help !!,
>
> Eli Kamhine
>
>
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
