|
Hi all,
I am a newbie on FW-1 and I have faced the
following problem.
Our site contains about 8000 machines.
Recently we have put
2 FW-1 modules (Dual P-III 700MHz, 1GB memory, CP4.1
(SP5) on win2k) in
front of them. We have 2 rules which uses security
processor to detect
Code-Red and Nimda attacks.
When I enabled those 2 rules, lots of new
http connections could not
be made with the error "cannot connect to www
server". CPU utilization
grew to about 60% (on each processor)
immediately. As I enabled those 2 rules
during non-peak period, I
believed that the situation would be far worse during
peak
hours.
I have heard that security processor is
CPU-intensive. So is it
possible for me to use the security processor
in my case? Is there
any guidelines / recommendations on the size of
the site and hardware
configuration in order to run the securiy processor
smoothly?
Thanks in advance :>
KH Cheung
HKUST
| 
