|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: Sizing a firewall
Subject: RE: Sizing a firewall
From: Dom De Vitto (dom
devitto.com)
Date: Fri Dec 31 1999 - 08:31:32 CST
- Next message: Robert Graham: "Re: Sizing a firewall"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
DON'T just have them browse right out!
Cache/Proxy chain a couple of times - this will massively reduce your
traffic, esp. if you also run a caching name server before your T1.
I'd also recommend some kinda content/virus checker in the chain and
the last 'hop' before the 'net being an application-level firewall
(this would also running a caching name server, only serving requests
on i/f 127.0.0.1).
This is fine for at least up to 5k clients (with two 'chains', going
out of two 6 Meg lines, to two different ISP at two geographic
locations - we can manually switch all traffic through either pipe)
Dom
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Dom De Vitto
Secure Technologies Ltd. Mob. 07971 589 201
mailto:domdevitto.com Tel. 01202 738 767
http://www.devitto.com Fax. 08700 548 750
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-----Original Message-----
From: owner-firewall-wizardslists.nfr.net
[mailto:owner-firewall-wizardslists.nfr.net]On Behalf Of Walt Sullivan
Sent: Wednesday, December 29, 1999 11:19 PM
To: firewall-wizardsnfr.net
Subject: Sizing a firewall
I'm consulting for a Canadian government agency that plans to allow
desktop access to the Internet for the first time next year (yes, I
know, "Forward into the 70's", but is is government).
They think they have about 25,000 desktops (Windows 95/98, shudder).
How can I help them predict the amount of traffic they'll see on their
T1 connection?
Is there anybody out there running a firewall for 25K desktops that is
willing to share an order-of-magnitude guess?
Thanks,
Walt
-- Walt Sullivan UNIX & Networks, Security & SysAdmin walt
- text/x-vcard attachment: Domenico_De_Vitto.vcf
- Next message: Robert Graham: "Re: Sizing a firewall"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Sun Jan 02 2000 - 23:14:18 CST