RE: Checkpoint FW-1 & ATM performance degradation

Wed, 20 Jun 2001 01:36:06 -0700 

Maybe build a firewall cluster with Stonebeat and Firewall -1 if you
run your systems on Solaris or NT (would not recommend NT though).
You can scale your cluster to make a more load balanced / load sharing
firewall solution then just one system firewall

I think, don't have proof to support my thoughts, that Firewall 1 on a 
nokia has a better throughput then on Solaris.

And if, after a thorough research, you don't think Firewall-1 can do it,
I sure know Cisco PIX can do the job....

Regards,

Brenno

> -----Original Message-----
> From: Pere Camps [SMTP:[EMAIL PROTECTED]]
> Sent: dinsdag 19 juni 2001 18:14
> To:   [EMAIL PROTECTED]
> Subject:      Checkpoint FW-1 & ATM performance degradation
> 
> Hello,
> 
> I've been given a project were I have to firewall off an ATM network.
> Basically, it's just put Firewall-1 (with Solaris or Nokia) in all 
> the entry points of the enviorment.
> 
> I'm quite worried about the performance degradation that this will 
> put on the ATM PVC connection.
> 
> On one side, there's throughput. I've read that Checkpoint claims 
> that FW-1 can handle 240 Mbps on the correct machine. I very much 
> doubt it. The PVC that we're running is 155 Mbps, and I feel that 
> that would be too much, even if we're only going to use the firewall 
> as a "packet filter". Does anybody have any experience in this issue?
> 
> Also, delay issues. Does anybody know what delay on the packets will 
> the firewall put? I'm not in a position to fine tune the MTU and 
> window size of the machines involved, so that's not an option to 
> get around throughput issues related to the RTT.
> 
> Regarding the FW-1 choice, it's the companie's preferred firewall 
> solution. But if FW-1 is not able to handle the job, the company 
> is quite happy to go for another supplier.
> 
> Can anybody help? Thanks!
> 
> -- p.
> 
> 
> 
> 
> 
> 
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls

Reply via email to