|
Jeff - Have you seen any independant evaluations of the thoughput of the Nokia IP740 ?
Deano [Edited by dsmith - 8/7/2002 1:21:42 PM] |
Deano
The only comparisons I've seen are from other vendors (Netscreen etc)....or from Checkpoint themselves http://www.checkpoint.com/products/c...ms_matrix.html What info are you specifically looking for ? Jeff [Edited by Jeff Wiltshire - 8/7/2002 2:22:30 PM] |
How do you extend the interval of the timeout in a NAT to prevent a hidden UDP connection from losing it's port?
|
Start Policy Editor
Select Policy from the top menu Properties tab from the drop down. (ie 'Rule 0') UDP session timeout is near the top of the first page (security policy) and the default is 40 secs. You'll need to install the policy for this to take effect. This is on FW-1 4.1 not sure its the same for NG ....haven't got an NG box here to check. Jeff |
Thanks Jeff, YHM.
|
Will 1 Pair (either Load balanced or Active/Stby) hack 1/2 Gig of traffic with a reasonable rule set (nothing silly but not trivial) and PAT'ing the lot against a selection of addresses. Probably of the order of 400K connections ?
I'm being told things which I'd like to independantly verify ;) I'm also being told to buy Cisco Content Switches to load balance across them. Seems like overkill to me. Any thoughts appreciated. Deano |
Well......
I have to say that once traffic levels are up above 200Mbps I would normally go towards a Netscreen solution (although Cisco Pix 535 is mean't to do it)... Have a look at http://www.netscreen.com/products/pdf/Tolly_NS5200.pdf or http://www.crossbeamsystems.com if you still want to use Checkpoint. Using a L3-L7 switch would give a better resiliance but I would look at Foundry, Alteon (Nortel) or Extreme Networks kit. Jeff |
Gigabit + Pix are dirty words here now. We've had to downgrade to FE to get stability.
We have to go with corporate policy (i.e what is supportable by existing teams) so its Nokia/Fw-1 or Pix. A simple subtraction leaves.... ;) Thanks for the links - I'll have a look. Ta Deano |
Deano
I reckon that a pair of IP740s (or even IP710) would cope in load balanced (not so sure about standby). If you use a good L3 switch it should work well.... The Crossbeam X40 would be interesting though (4Gbps throughput!) PIX is not my personel cup of tea...... Jeff |
| All times are GMT +1. The time now is 09:53 AM. |
© 2024 MH Sub I, LLC dba Internet Brands