OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
NFR Wizards Archives: Re: Sizing a firewall

Re: Sizing a firewall

Subject: Re: Sizing a firewall
From: Rafael Teixeira (rptpobox.com)
Date: Fri Dec 31 1999 - 12:12:26 CST

Hi there.
Welcome to the brave new world....

The problem is that you must now what kind of traffic you will have.
http, https, ftp, real-audio, smtp, etc.
All of thsi protocols will have different needs.
Now, you might go to load-balancing stuff, proxying.
Think about security contents (things like web, ftp and mail sweepers).

I think you must take a deeper look at your network, mostly because ONE
firewall isn't going to solve the problem, and it might became a
"single-point-of-faillure", and this could be as good as bad.

Can you use servers for local caching and proxying ?
What kind of mail policies you will have ?
Will you use a DMZ ?
And what about ISP's service?

Think about this first, then you might start seeing the BIG problem you
are going to have.

Rafael

Walt Sullivan wrote:
>
> I'm consulting for a Canadian government agency that plans to allow
> desktop access to the Internet for the first time next year (yes, I
> know, "Forward into the 70's", but is is government).
>
> They think they have about 25,000 desktops (Windows 95/98, shudder).
>
> How can I help them predict the amount of traffic they'll see on their
> T1 connection?
>
> Is there anybody out there running a firewall for 25K desktops that is
> willing to share
> Thanks,
>
> Walt
>
> --
> Walt Sullivan
> UNIX & Networks, Security & SysAdmin
> walttrytel.com

This archive was generated by hypermail 2b27 : Sun Jan 02 2000 - 23:14:27 CST