Well, true, but IMHO it's much more important to find the root cause ATM, since the unit has until now performed to expectations.
Almost anything in the right class will handle what he needs, once he figures out what's happening. Heck, even a simple pfsense box on decent hardware will do what he wants. Kurt On Wed, Oct 5, 2011 at 21:04, Steve Kradel <[email protected]> wrote: > I'd say the OP needs to both figure out the root cause, *and* buy a > new firewall as the vendor's support program's been tried and found > wantin'. > > --Steve > > On Wed, Oct 5, 2011 at 11:37 PM, Kurt Buff <[email protected]> wrote: >> Don't look for a new firewall right now. >> >> Do figure out why the response is so crappy after having been fine for so >> long. >> >> I take that as a signal that something has drastically changed in your >> environment. >> >> Can you characterize your current traffic? In particular, look for >> indications that you're emitting and/or receiving lots of really tiny >> packets. This might look like not much bandwidth is being consumed, >> but can drive *any* firewall to its knees. >> >> Kurt >> >> On Wed, Oct 5, 2011 at 14:14, Matthew W. Ross <[email protected]> >> wrote: >>> Good Afternoon, list members. >>> >>> I would like to know what are some of your recommendations for a >>> Router/Firewall. Some info of our current situation: >>> >>> We currently use a Linux-based firewall (ClearOS for those curios). It has >>> served us well over the years. Very recently, it has begun to inexplicably >>> slow down passed network traffic. Ping times go up to 1000-4000ms, while >>> load seems to be near zero. Reboot resolve this issue, but the problem can >>> come back within a few hours. >>> >>> I have called the vendor, and I was able to get their tech support (for >>> $180, no less). The first tier support tech is stumped, and he's going to >>> get his level 2 tech involved. Here's the kicker: He will be in touch with >>> me "by the end of the week." My boss and I have decided that we no longer >>> are interested in something if we can't get support when we need it. >>> >>> The network requirements for the firewall/router are simple: a 100mbit >>> ethernet WAN and a 100mbit ethernet LAN. Standard NAT and port forwarding >>> required. All other features are _not_ required, but are gravy. >>> >>> We need something that is fairly easy to administer. Anything with a decent >>> web console will likely do. We have about 1000 computers on our network, >>> but actual concurrent sessions through the firewall will likely be >>> 5,000-10,000. >>> >>> I look forward to see what else people are using. >>> >>> >>> --Matt Ross >>> Ephrata School District >>> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>> >>> --- >>> To manage subscriptions click here: >>> http://lyris.sunbelt-software.com/read/my_forums/ >>> or send an email to [email protected] >>> with the body: unsubscribe ntsysadmin >>> >>> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
