Emily Conrad wrote:
>Does anyone have any advice on what factors are important when making such a decision?

I'm assuming that, since you're asking about performance, you don't
care about security. So I'll just speak to the performance side of the

You should know what your peak loads through the link are going to
look like, and then you can start looking at which products claim they
operate at that level. If you're really concerned you can either use
one of two (equally effective) approaches to predict the performance
you'll see:
1) test or research a credible performance test (not one done by a vendor lab)
2) use bob's algorithm - assume the product can actually handle 1/2 of
what its manufacturer claims it can handle

Before you can even worry about performance, you should do some
basic research and information-gathering about your own network.
That's just Capacity Planning 101. "Back in the day" we used to get
customers who were worried about firewall performance because our
"slow" proxy firewall ran on an Intel box instead of a Sun (in those days,
people cared about that, too) - and they were worried about if it could
handle thier 56k link.


firewall-wizards mailing list