[Dshield] Query regarding Gigabit Firewalls

Johannes Ullrich jullrich at euclidian.com
Fri Sep 6 22:53:30 GMT 2002


> >Hi,
> >	Iam looking at Gigabit Firewalls and trying to get a list
> >	of what issues will occur when trying to Firewall at that speed.
> >	Has anybody done any work in this area they are willing to share ?
> 
> Yes,  I have...   First,  let me explain our test setup.   Using 33 Mhz
> PCI Bus speeds,   all we were able to get was 210 mb/sec throughput in
> our early lab tests.   Te "bottleneck" is the PCI Bus speed if you use
> Gigabit NIC's using PCI interface.

Very good point. Stnadard PCI architectures are not sufficient. There
are some alternative systems, but they tend to be very pricey.

Also, Giga-Bit is not always Giga-Bit. Many devices/routers that claim
to be Giga-Bit only run at 300 MBit/sec. Not that this helps much.
But as it comes to Giga-Bit, be very careful of vendor claims and
insist on a demo in your environment.


-- 
--------------------------------------------------------------------
jullrich at euclidian.com             Collaborative Intrusion Detection
                                         join http://www.dshield.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20020906/8ce57f21/attachment.bin


More information about the list mailing list