Educause Security Discussion
mailing list archives
Re: Fortinet unified threat management evaluation feedback needed
From: Cal Frye <cjf () CALFRYE COM>
Date: Tue, 27 Feb 2007 17:18:06 -0500
Jere Retzer wrote:
One caution: be sure
to evaluate carefully your throughput needs as IPS and virus scanning
seem to drop throughput by around 90%. I also wonder what are the
lantency and other impacts on VOIP and h.323.
Christian.Heroux () ETSMTL CA 2/27/2007 9:22 AM >>>
I am worry to put all my eggs in one basket. I know
they use ASIC instead of CPU but I would like to see all eight
functions activated (firewall, antivirus, anti-spam, IPS, IDS,
traffic shaping, VPN)
We've seen that just stacking individual devices inline can raise
latency to unacceptable levels. I have no experience with the Fortigate,
but you're right to be worried.
Have them send you a largish unit for evaluation -- you'll never know
how it works with your traffic until you try it out. The times I've done
this, I often haven't changed vendors, but frequently have discovered we
needed a more capable box than we evaluated (wishful thinking, every time).
-- Cal Frye, Network Administrator, Oberlin College
"Even if you win the rat race, you're still a rat."