I will say this... a T1 will not even be close to enough. You will get more
bitching and moaning with a T1 than if you just gave them all analog lines.
I can tell you that I have seen about 3000 users saturate a T1... not 100%
of the time, but it wasn't fun. With 25K users, you had better start off
with at least a frac DS3 (even 10Mb will probably be cramped). Really a
full DS3 is probably about right. A decently spec'd firewally (FW-1 on a
Nokia IP 440 or 650) will be more than adequate and even give you some
growing room).
I have worked with government as well, so I know your pain. E-mail me
directly if you would like more detailed input.
-----Original Message-----
From: Walt Sullivan <walt_at_trytel.com>
To: firewall-wizards_at_nfr.net <firewall-wizards_at_nfr.net>
Date: Thursday, December 30, 1999 5:43 PM
Subject: Sizing a firewall
>I'm consulting for a Canadian government agency that plans to allow
>desktop access to the Internet for the first time next year (yes, I
>know, "Forward into the 70's", but is is government).
>
>They think they have about 25,000 desktops (Windows 95/98, shudder).
>
>How can I help them predict the amount of traffic they'll see on their
>T1 connection?
>
>Is there anybody out there running a firewall for 25K desktops that is
>willing to share an order-of-magnitude guess?
>
>Thanks,
>
>Walt
>
>--
>Walt Sullivan
>UNIX & Networks, Security & SysAdmin
>walt_at_trytel.com
>
Received on Jan 02 2000
Intro
