Hello Guys, I'm currently doing a security audit and it seems that the company is in the market for a firewall upgrade. I'm looking into open source firewall solutions or rolling my own ipTables box, and I've got a question about the scalability of a box running an ipTables (or ipChains) firewall on decent hardware. I've got experience running ipTables firewalls for small offices (about 25 to 50 users), but I really do not know about larger operations.
I've come across a lot of solutions just by reading this list (thanks to you guys): Astaro, Shorewall, Watchguard are looking quite good, etc., but only Watchguard has this kind of info: http://www.watchguard.com/products/fbcompare_print.asp

For example: Mid-Size Business or Branch Office, 1,000 Authenticated Users, 131 Mbps Stateful inspection throughput speed.

So it seems that if you've got decent hardware, ipTables can handle almost anything. I know these tests are extremely subjective and based on the Watchguard hardware configurations. But I would like to know if you guys know what an ipTables (e.g. Astaro, Shorewall) can handle?

The target network is about 500 users, with 5 public IPs that have to be NAT'd to a small DMZ. What kind of roll-your-own hardware did you use? And what other stuff do you run upon the firewall (http proxy, socks, SNORT, ...?) that could have some scalability issues...

Thanks up front,

Nicky Peeters
Belgium
