> We've seen gbit certified solutions starting to fail at 15mbit with <2000 > sessions during PoC's....
This is really interesting. Can you throw some more light on traffic pattern which brings down the performance to 15Mbps? Ravi On Mon, Feb 23, 2009 at 9:16 AM, Trygve Aasheim <[email protected]> wrote: > Another question would be: > > - How big is the rule base? > - Any exceptions > - How many filters/signatures/detection features failed to analyze the > traffic before the latency treshold was exceeded? > - Is the rule base based on a scenario where you for example pretend to > protect a windows server and workstation network, and therefor enable all > signatures for this - and turn off all *nix signatures? Or the other way > around? Or a pure web-/app-/database server network? > > A lot of these tests fail to test the devices in a "near real world > scenario" where the IPS is configured with an adjusted rule base based on > typical assets, risks, firewall rules, exceptions, vlan tags etc. > > We've seen gbit certified solutions starting to fail at 15mbit with <2000 > sessions during PoC's.... > > T > > C-Info skrev: >> >> The question I would also ask is was this complete capture or sampling of >> the traffic? >> >> Curt >> >> -----Original Message----- >> From: [email protected] [mailto:[email protected]] >> On >> Behalf Of Addepalli Srini-B22160 >> Sent: Thursday, February 19, 2009 1:57 PM >> To: Ravi Chunduru; [email protected] >> Cc: [email protected] >> Subject: RE: 10Gbps IPS - what you need to know >> >> >> Copied from the test report: "The device ably supported over 11Gbps >> of traffic with the larger HTTP response sizes (21KB) and lower >> connections per second (5,000 CPS per Gigabit of traffic) found on >> typical corporate networks". >> >> It appears to be some calcualtion mistake! It comes to around >> 820-830Mbps (21Kbytes * 5000 ), not 11Gbps throughput! >> >>> I think you missed "5000 CPS per gigabit of traffic". Since it is 10G >> >> box, I would assume that there was 50000 CPS in total which gives around >> 8.5Gbps. If you add usual overheads TCP header, IP header, Ethernet >> header, the total throughput might go beyond 8.5Gbps. >> >> Regards >> Srini >> >> >> >> >> >> >> >> > > >
