Re: [High Speed Firewalls]

[Gwendolynn ferch Elydyr <gwen () reptiles org>]

On 1 Mar 2000, James Vaughn wrote:
> I'd recommend checking into a hardware-based firewall solution, rather 
> than a software firewall.  Hardware solutions are specifically designed 
> for the volume of traffic about which you're speaking.  Check www.f5.com for
> their BigIP product (which is an internet-centric load-balancing, FW/etc.
> machine -- i.e., more than just a firewall; depends on why you need this) or
> www.cisco.com and look into their PIX solutions.
>
> There are others out there, too -- but these are the ones with which I'm
> familiar and trust.

Hi James -

Not so familiar as all that, or you'd realize that the F5 product is a
pc, running a BSDI derived kernel. To date, running streaming media only
(well - ftp, rather than multiple http), we.ve managed to get 95Mbps out
of them. 70Mbps is more normal.  They have come out with gige cards for
their load balancers, but they're quoting a max throughput of around 300Mbps.

As far as the Pix is concerned, same deal - repackaged intel box...

If you're thinking about a hardware based solution, I'd have expected to
see you pointing at things like the switch-based load balancers, such
as Foundy, Arrowpoint, and Alteon's - or appliances like Lucent's Managed
firewall, or the netscreen.

cheerS! 
==========================================================================
"A cat spends her life conflicted between a deep, passionate and profound
desire for fish and an equally deep, passionate and profound desire to
avoid getting wet.  This is the defining metaphor of my life right now."