On Tue, 21 Nov 2000 [EMAIL PROTECTED] wrote:
> So this is a software solution. Very nice!
> But... does the PC bus supports such a need for bandwidth? (40...50 Fast
> Eth, plus the filtering stuff, plus logging and maybe some other things)
Anyone who's got 5Gbps of Internet bandwidth has to worry about maximal
capacity, everyone else can get away with either leaving it or bandwidth
limiting on the inside border router prior to the firewall. 50 T-1's
would be just over 75Mbps, so the bottleneck becomes interrupts on the bus
for the number of cards, certianly putting a dozen interfaces on an SBUS
system isn't a big deal (PCs aren't the only choice.) The biggest gain
comes from seperating each interface at layer 2 from it's associated
network so that the interface doesn't have to deal with ARPs and
broadcasts from each workstation.
> I've heard that some people were trying to build such "software
> firewalls" using PCs and Linux, *BSD or some other nice OS, but the problem
> was always if the PC is actually able to support such a high traffic when you
> really have ^many^ interfaces.
4 or 5 systems still gets an efficency of cost over 40 or 50 by a factor
of more than 10 when you include operational costs. The issues become
points of failure and administrative control.
Sun Ultra2's reaching EOL is a shame, becasue putting 3 QFEs in a box with
dual CPUs worked really well in the price/performance arena. Price is
higher with the UE series of boxes.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
