This is a discussion on RE: [fw-wiz] Info Request: Looking for alternatives in HA/Load balancing firewalls that are also scalable and modular. . . - Firewalls ; -----Original Message----- are also scalable and modular. . . > We're currently spec'ing functional requirements for a new web-based implementation of a > number of enterprise apps. One obvious problem is the firewall system: it needs to be both > ...
are also scalable and modular. . .
> We're currently spec'ing functional requirements for a new web-based
implementation of a
> number of enterprise apps. One obvious problem is the firewall system: it
needs to be both
> load-balancing and high-availability, AND scalable. We're still getting a
> potential traffic, but we expect to have a requirement for in-line
expansion of the system
> while remaining online.
Sounds like a big firewall. I'm curious, though, as to why load-balancing
is a requirement. My experience has been that an appropriately-sized single
firewall as part of a fail-over pair is more reliable and performs better
than a comparable load-balanced firewall.
> One of the obvious candidates is the Nortel Alteon platform, but that
> also limits us to FW-1. We're nowhere close to downselect on a
> platform or a firewall, but I'm looking for alternative platforms to start
getting info on,
> so we can make sure the requirements we develop can actually be
IMPLEMENTED in reality. . .
If it were me, I'd look at SPLAT with ClusterXL over Alteon. You'll lay out
some dough for load-balancing with ClusterXL, but at least the hardware can
be (relatively) cheap.
The only other firewall vendor I can think of that does (or at least claims
to do) load-balancing is Symantec Enterprise Firewall. However, you may
also want to look at third-party load-balancing solutions like Radware
FireProof or Foundry ServerIron.
firewall-wizards mailing list