[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Sun Checkpoint Performance
I would like to compare firewall performance levels with other people to see if the rates we are experiencing are "normal". I manage a pair of Sun Ultra E3500 firewalls each connected to a burstable-T3. Each firewall has a pair of 250Mhz CPUs, 512M of memory, and is connected to full-duplex 100Mbps switches. The OS level is Solaris 2.6 and the Checkpoint is 3.0B. Even though each link has 45Mbps capacity, we seem to topping out in the 6-7Mbps range. The systems have been tuned and tweaked and nothing seems to indicate a "tuning" or resource problem. The firewalls have about 40 firewall rules and about 10 address translation rules. Using a traffic generator I tried to do some throughput testing. Transmitting small packets, I can drive the performance at about 2Mbps, but with large packets I can drive performance in the 15mbps range. During the busy times of the day the average packet size is quite small, so this seems to agree with the testing. Do other people with similar setups see similar rates? Management believes that the E3500 boxes should be able to drive the T3 links much higher than 6Mbps. Therefore I would like to see what transmission rates other people are seeing. Does the trunking feature help performance? How about switching from E3500 to something like E220? Any info would be appreciated. Thanks. -Jon ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|