The latest Cisco PIX (535) should be able to match or better the
NetScreen 1000
for non-VPN traffic throughput (each claims 1 gigabit/sec). The Cisco
PIX is less
powerful at handling VPN traffic directly in the PIX -- so many Cisco
customers
would handle VPN termination w/a separate device (a router or Cisco VPN
Server
3XXX or 5XXX)..
Cisco is claiming 1 gigabit/sec (non-VPN traffic) throughput within the
535. VPN
traffic is only 100 megabit/sec for the VPN traffic -- handled via an
addon VPN
accelerator card. You can put 10/100 megabit as well as gigabit speed
Ethernet
interfaces in it.
The next lower PIX (in price and performance) is the 525 which has a
total throughput
of around 370 megabits/second. It is quite a bit less expensive than
the Cisco PIX 535.
See:
http://www.cisco.com/warp/public/cc/pd/fw/sqfw500/prodlit/535_ds.htm
- H. Morrow Long
Matthew Poole wrote:
> Hi all
>
> My employer is currently in the market for a new firewall app. The
> requirement is one that can handle in excess of 250,000
> simultaneous connections.
>
> We operate several virtual ISPs, ranging in size from a few hundred
> users through to well over 100,000. These offer POTS dialup and
> RADSL access. We also offer an in-building access service. On
> top of these two, we are in the process of designing and
> implementing a fully-unified voice/fax/data platform utilising EoF,
> ATM and SWB carriers, and SDSL when it becomes available. All
> the dedicated connection services (will) offer an optional managed
> firewall service.
>
> Does anyone have any comments/suggestions on firewalls that
> can handle this type of capacity? VPN compatability is essential,
> as is rack-mount chassis design. So far the only app I've been
> able to find in this class is the NetScreen 1000. It looks damn
> good on paper, but the end user perspective is always more
> revealing.
>
> Thanks
>
> Matthew Poole
> Junior Network Engineer
> Attica Communications
> +64 21 224 6927 - Cellular
> +64 9 915 7671 - DDI
> +64 9 916 0627 - Fax
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
