Hello,

We are in need of a "core" firewall for our new datacenter.

This firewall will not be directly connected to the internet but will rather serve as a separator for security zones within the "application" part of our network; classical fileserver traffic will not go through this firewall. The network is full duplex 100Mbps Ethernet, there will be 25 machines split into 6 zones, and we estimate that our rules will be around 200 lines per zone. No synproxy, no NAT, no QoS, "just" a stateful packet filter.

The largest traffic types would be: http/s, postgres, imap and a daily backup which runs over the network. TCP connection-wise, we expect to see no more than 30k concurrent connections, so taking 60k as a goal would fit very well. We would like this firewall to be able to fill 2 of its 100Mbps ports with duplex traffic (400Mbps) at any given moment without significant latency due to the firewall itself.

Which hardware would you advise for such an environment? Any gotchas / hints to watch out for?

Kind Regards
Kirill

-------------------------------------------------
When replying via E-Mail, please remove duplicate "@" from the address.
-------------------------------------------------
