RE: [High Speed Firewalls]

["Woeltje, Donald" <dwoeltje () sebh org>]

You're kidding, right? Neither a router (Cisco or any other) nor BigIP 5 can
perform as well (all out high-speed performance) as a switched solution,
utilizing a Layer 4 switch,  that has built-in firewalling capabilities.
I've done "proof of concept" laboratory testing of these types of solutions.
BigIP is nothing more than an over-priced router with load balancing
capabilities, much like a Cisco router with Cisco's Load Director on it.

If he really just wants the ultimate in performance, I would suggest that he
check out Alteon WebSystems ACESwitch 180 with their ACElerate software (and
all the other Layer 4 switches on the market) to see if that will accomplish
what he wants. However, if he wants a "firewall", then he should get a
recognized firewall product from one of the companies that are recognized as
experts in the IT security industry.

> -----Original Message-----
> From: James Vaughn [SMTP:j.vaughn () usa net]
> Sent: Wednesday, March 01, 2000 1:58 PM
> To:   firewall-wizards () nfr net
> Subject:      Re: [High Speed Firewalls]
>
>
>
> Hi,
>
> I'd recommend checking into a hardware-based firewall solution, rather 
> than a software firewall.  Hardware solutions are specifically designed 
> for the volume of traffic about which you're speaking.  Check www.f5.com
> for
> their BigIP product (which is an internet-centric load-balancing, FW/etc.
> machine -- i.e., more than just a firewall; depends on why you need this)
> or
> www.cisco.com and look into their PIX solutions.
>
> There are others out there, too -- but these are the ones with which I'm
> familiar and trust.
>
> BTW -- Tried to send you an email directly (to save bandwidth on the nfr
> list)
> but the email was rejected:
>
> <hbaez () eos hitc com>:
> Connected to 38.177.222.21 but sender was rejected.
> Remote host said: 550 Access denied
>
> Probably a spam filter.  ;^)
>
> - James D Vaughn
>
>
> Henry Baez <hbaez () eos hitc com> wrote:
> > I am doing research on very high speed firewalls.  I mean firewalls that
> > are right now available that could handle OC3 and higher speeds via Gig
> > Byte Etherenet cards.  In searching the recent posting of this list and
> > a lot of general web searching, I have found only one firewall that
> > claims they can do so.  It is call POTUS from a company called Livermore
> > Software Laboratories.  I would very much like to find at lease another
> > vendor which at lease matches the claim of PORTUS, 300 MB plus through
> > put.  Management, bless them, likes to have choices, I would like to
> > present more then one vendor if possiable.
> >
> > I have experiences with two commercial firewalls, Checkpoint and
> > Gauntlet, and one freeware firewall, Ipfilter.  But the links where way
> > under 10 Meg Byte.  None of the firewalls I have work on 'claim' the
> > speeds I am looking for.  All the magazines 'test/reviews' I have looked
> > at top out at about 150 Meg. Byte.  The number of users for this project
> > would not be large, but each one would be moving Gig Byte size files
> > across the world.
> >
> >
> > Thanks,
> >
> > Henry Baez
> > hbaez () eos hitc com
>
> > --------------------------------------------- 
> >     Attachment: hbaez.vcf 
> >     MIME Type: text/x-vcard 
> > --------------------------------------------- 
>
> ____________________________________________________________________
> Get free email and a permanent address at http://www.netaddress.com/?N=1