On Friday 04 January 2002 08:42 pm, John Morris wrote:
> What are the current options for firewalls that can handle 1gb throughput ?
> I've got a client that has a 1gb internet connection, (a major Univ), and
> they want to firewall it, but haven't because they haven't found anything
> that wouldn't impact the performance too much. I've seen firewalls that
> advertise ~622mbps, but none that claim anything higher, but perhaps I'm
> wrong. Or could you use a really hefty OpenBSD box with two gigabit fiber
> cards ?
>
>
> - John
a standard PC hardware solution wont work well because they have a 32bit pci
bus, which caps out at 130 or so MBytes/sec, motherboards with 66mhz 64bit
pci buses cap out at 533 MBytes/sec, each gigabit network card at full speed
will consume about 125MBytes/sec, so you would need a solution with at least
the faster pci busses if you were going to go the pc route. you should also
find out how much of that bandwidth they are using (use something like mtrg)
i've seen many people think they need more bandwidth when in reality they're
using only 3-20% of their bandwidth. it could be they don't need a firewall
capable of the full link
