NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] NT vs Unix as FW platform



In regards to the VPN issue.

Has anyone performed a test comparing standard FW/OS VPN as apposed to
FW/Hardware (some sort of Card on the FW that does Hardware Encryption) ?

I'd be interested in hearing about that as well.

Mike

> -----Original Message-----
> From:	Jason Costomiris [SMTP:[email protected]]
> Sent:	ã ãöîáø 13 2000 15:17
> To:	Michael Liberte
> Cc:	[email protected]
> Subject:	Re: [FW1] NT vs Unix as FW platform
> 
> 
> On Wed, Dec 13, 2000 at 12:19:27PM +0200, Michael Liberte wrote:
> : 
> : I would say that the test setup is a bit unfair.
> : After looking at the graphs, almost noone bothers to check the hardware
> and
> : software configuration of the machines that participated in the test.
> : As a matter of fact, they have almost nothing in common in terms of
> : processing power, patch levels, etc..
> : http://www.checkpoint.com/products/firewall-1/pbrief.html
> 
> Agreed, the other test isn't a true measure of FW-1 performance.  This
> other
> one is much more accurate.  Why?  Do users *ONLY* move VPN traffic through
> their firewalls?  Heck no.  VPN, while very important, is certainly not
> the bulk of firewall traffic today.
> 
> The other problem these performance studies fail to address is the 
> manageability of the platforms.  We all know that it's easy to get an NT
> box up and running.  Keeping it that way, well, that's another story 
> entirely.  Platforms like IPSO, Solaris and Linux are far easier to 
> maintain (far better patch management, no DLL-Hell, etc.).
> 
> I'd like to see a more "fair" comparison on Check Point's site.  Look at
> the
> different machines, none of them have similar CPU power.  Obviously, since
> 
> they include RS/6k's and Sun E250's, some adjustments would need to be
> made,
> but we've got 3 Intel-based platforms here, and they're not even close:
> 
> 1 x P-III 700	(Nokia IP650)
> 2 x P-III 600	(NT4 SP3 - hey, isn't SP4 the earliest that's Y2k
> compliant?)
> 2 x Xeon  550	(Linux - RedHat 6.1)
> 
> Why not put all 3 platforms on a single P-III 700 and let them duke it
> out?
> 
> : http://www.checkpoint.com/products/vpn1/vpn1perfdata.html
> 
> -- 
> Jason Costomiris <><           |  Technologist, geek, human.
> jcostom {at} jasons {dot} org  |  http://www.jasons.org/ 
>           Quidquid latine dictum sit, altum viditur.
> 
> 
> ==========================================================================
> ======
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==========================================================================
> ======


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.