-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
You cannot run RealSecure and FW-1 on the same box Daver. =) Two pigs
won't fit in that box.
Are you runnign IPS 3.3 yet?
Carric Dooley
Senior Consultant
COM2:Interactive Media
"But this one goes to eleven."
- -- Nigel Tufnel
On Thu, 25 Jan 2001, David C. Diemer wrote:
> Our Nokia 650s with 320MB RAM in a VRRP configuration are attached to a
> DS3 (45MBps) circuit. It supports a normal load of 23,000 connecitons with
> a peak of more than 40,000. It is very rare that processor utilization, using
> uptime, exceeds .05 for the 1 minute increment and .01 for the 15-minute
> average.
>
> VRRP works without fail as does the state table synchronization. Of
> course, you do have to be careful with how much you want to log. Log
> Active and Log Account are pretty much useless due to the enormous
> amount of data each monitors. Never had a problem with Logging
> otherwise.
>
> Finally, make sure the Nokia has at least 128MB RAM, preferably 256MB,
> because if you add anything to the box such as CVP, RealSecure sensor,
> Log Accounting, Log Active, or others, you'll find that 128MB RAM just
> isn't sufficient to perform the job.
>
>
> David C. Diemer, CCSA
> Enterprise Security Firewall Engineer
> Georgia Department of Administrative Services (DOAS)
> 200 Piedmont Ave. SE
> Suite 1420, West Tower
> Atlanta, GA 30334
> [EMAIL PROTECTED]
> (V) 404.651.9677
> (F) 404.656.0421
>
> >>> <[EMAIL PROTECTED]> 01/24/01 04:35PM >>>
>
>
>
> > We are currently using Firewall-1 on a Sun Ultra 2 machine. We have about
> > 2000 workstations and servers behind it. During the peak period of the
> > day, we have about 1000 to 1500 connection in the Firewall-1 's Active
>
> I have a HP lpr, running Linux, FW-1 4.1 Our connection table almost
> always exceeds 10,000 connection. It runs somewhere around 1% cpu
> utilization. It's connected to four T-1s.
>
> I've run 14 T-1's into a Nokia 330 without any performance problems.
>
>
> > Now, my question is if you think the Nokia IP650 (or the IP440) would have
> > sufficient (CPU, memory, etc.) capacity to replace the Sun Ultra 2 and
> > handle the current load? Better?
>
> IP440 will do well.
>
>
> > Another question is if the VRRP is only available for the Nokia setup, and
> > not for the Sun Ultra 2 machine? I guess my question is if the Checkpoint
> > VRRP solution are built at the Firewall-1 software or at the hardware
> > (Nokia) platform.
>
> VRRP is only on the Nokia platform. I recommend Rainwall on Sun or Linux.
>
> Frank
>
>
>
> ================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ================================================================================
>
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1
Comment: Made with pgp4pine 1.75-6
iQA/AwUBOnBPgVUqWOkDpMZ2EQIwGwCg8b0E/YrKy+LAknMwI1p6RJdisCkAoNCK
+5vstbZcl0GwvcpcA5lOMq4+
=st2R
-----END PGP SIGNATURE-----
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
