throughput: how many bits per second (actually bytes, and more practically, packets of a partiucular size) the firewall can process in second, under specific laboratory conditions. Nominally, the faster the better, but it may be very traffic dependent, this isn't a router/switch you are testing: a firewall may need to look deeper in some packets than others, and apply extensive rules for some applications. Fast scanning of packets for viruses is expensive, and to do it really fast requires specialized hardware, which costs $$$.
(1 Gbps = 1000 Mbps). The number of concurrent sessions is important in a firewall because the firewall has to store some state information about each TCP/UDP connection and each outstanding ICMP request. For example, if you are using Network Address Translation (NAT), it is important to maintain the same mapping of internal to external address (and TCP/UDP port) for the whole exchange. If you are scanning for virus signatures, you probably have to do some form of re-assembly (turning a series of packets into a stream). Session state takes memory, large amounts of memory costs $$$$. Of course marketing numbers are different than the real world, and you probably want to select a firewall on the basis of what you need, not what the vendor wants to sell you. >> Hi all, >> >> I have seen and read some of the Firewall vendors say that their >> firewall throughput is put 380 mbps or 1Gbps with some 2,80,000 >> concurrent sessions. What does it mean ? Please clarify me. >> >> >> Thanks in advance.. >> >> Sai __________________________________________________ Do you Yahoo!? Yahoo! Web Hosting - Let the expert host your site http://webhosting.yahoo.com
