One thing that you ALWAYS should consider is how you will use the firewall.
If you are going to use CVP, UFP, VPN's, SecurID or other external
authenticators. This also includes load balancing. Nokia's cannot perform
true load balancing at this stage in the game. You can do some load sharing,
however. For true load balancing your best bet is going to be Stonebeat, or
Rainwall with Firewall-1 on one of the supported platforms. Also I am not
aware of any support on the Nokia for the VPN accelerator card II, just the
old accelerator card. So if you are going to need lots of high speed vpn
connections you might want to consider this. I am sure the card will
eventually be supported on Nokia IPSO. These are a few issues that should be
considered when trying to decide which platform is right for you. Also, be
aware that NG supports multiple processors. If you are going to want
multiple CPU's you should be looking at the Nokia 700 series..The Nokia
boxes achieve their large numbers via their flows software. That being the
case, things like security servers will not exhibit the performance that is
advertised. I agree that the Nokia is a well thought out, nicely bundled
solution. They are also in my experience extremely reliable. The platform is
an excellent solution HOWEVER - they are not always the right choice. Hope
this helps!
Frank
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 24, 2001 4:22 PM
To: [EMAIL PROTECTED]
Subject: [FW1] Nokia or Sun to run Firewall-1
Hi, all
I saw some discussion about the platform to run Firewall-1 but I don't know
whether there are discussions about load balancing requirements.
We are in the pilot test to outsource our e-mail system to AOL through
minimum
two T1 lines may be two T3 lines to support about 4,500 users. We will add
Firewall-1 behind those T1 line after CISCO routers. We'd like to have these
two
firewalls to be load balanced besides failover capacity. I know that using
two
Sun servers with NT (may be Sun also) management server running Stonebeat
can do
that. I don't know whether two Nokia boxes can do the same failover + load
balance and what we need besides Nokia boxes to accomplish this. Thanks in
advance.
Ryan Jiang
Senior UNIX administrator
Liz Claiborne, Inc.
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
