Hello,
I've been given a project were I have to firewall off an ATM network.
Basically, it's just put Firewall-1 (with Solaris or Nokia) in all
the entry points of the enviorment.
I'm quite worried about the performance degradation that this will
put on the ATM PVC connection.
On one side, there's throughput. I've read that Checkpoint claims
that FW-1 can handle 240 Mbps on the correct machine. I very much
doubt it. The PVC that we're running is 155 Mbps, and I feel that
that would be too much, even if we're only going to use the firewall
as a "packet filter". Does anybody have any experience in this issue?
Also, delay issues. Does anybody know what delay on the packets will
the firewall put? I'm not in a position to fine tune the MTU and
window size of the machines involved, so that's not an option to
get around throughput issues related to the RTT.
Regarding the FW-1 choice, it's the companie's preferred firewall
solution. But if FW-1 is not able to handle the job, the company
is quite happy to go for another supplier.
Can anybody help? Thanks!
-- p.
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
