thanks for your tips. I think the majority is from VPN traffic, and one
solution may be to get an acellerator card to offload some of this.

Alas, an offline audit may be the best option here.


Peter Bruderer wrote:
> If a Netscreen is constantly running at 80% on the active and 5% on
> the passive you have really high traffic. Usually with Netscreen you
> only get these high load if you do IPsec at the limit of the machine.
> Do you have an idea how many sessions you have on these machines? Do
> you have broadcast storms in that network?

Avishai Wool wrote:
> Kerry,
> one thing you could consider is an "offline audit" using something
> like the AlgoSec Firewall Analyzer (www.algosec.com) . it works of

The Wellcome Trust Sanger Institute is operated by Genome Research
Limited, a charity registered in England with number 1021457 and a
company registered in England with number 2742969, whose registered
office is 215 Euston Road, London, NW1 2BE.
firewall-wizards mailing list