> Hi all,
Hi,
> My company is considering purchasing FireWall-1 and has
> requested that I determine the hardware necessary. I'm hoping
> to locate a web site or discussion paper which will aid me in
> determining the size of Solaris system required.
>
> General usage statistics:
> 1000+ Internet users
Does this mean that you have 1000 employees that might
surf a little, or that 1000 of you employees will at any time
surf ? (big difference ;-)
> 1GB+ mail daily
FW1 has no problems with that mail when the MTA runs on its
own machine in the DMZ
> Some telnet, ftp
DON'T - repeat: DO NOT allow telnet through the FW - Get your
users to use ssh (www.f-secure.com) !
otherwise, no problem if the FTP proxy runs on its
own machine in the DMZ.
> Possible NetMeeting, other MS protocol-based apps
If able to use proxies, again, place them in the DMZ -
if not, you are screwd (i.e. have to allow direct access
from then internal net to the internet - This is generally
a bad idea) or ask Microsoft to reveal its protocol
specs... - well, better wait till hell freezes over
>
> I had thought to find some guidelines on the Checkpoint web site,
> but couldn't locate anything that looked likely. Anyone have any
> suggestions?
>
> Lyn
>
> <*> [EMAIL PROTECTED]
> "Life is like a sewer... What you get out of it
> depends on what you put into it" - Tom Lehrer
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
There is an URL on checkpoint webpage that schould give you
an idea:
http://www.checkpoint.com/products/firewall-1/pbrief.html
note, that fw-1 scales pretty good - and that running
security servers (also called proxies) on the FW1 itself,
this will reduce throughput from 5% up to 50%, depending
on the situation,setup,data, etc...
For you setup, i think a Sun Ultra1 or Ultra2 should be enough,
if you dont put proxy services on the fw itself.
--
Juergen P. Meier email: [EMAIL PROTECTED]
Class GmbH Firmengruppe phone: +49 172 8379103
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
