[c-nsp] Firewall/UTM

Phil Bedard philxor at gmail.com
Sat Nov 30 13:53:16 EST 2013


With those specs, you'd have to look at the top of the line firewall from
each vendor, except for maybe Juniper which has the 5600/5800 both
supporting those specs.  Cisco has the ASA 5585-X but it doesn't have
17Gbps of VPN throughput...

Phil 

On 11/30/13, 12:13 PM, "madunix at gmail.com" <madunix at gmail.com> wrote:

>Dear Experts,
>
>I am in the process to acquire and implement network infrastructure
>solution by upgrading the Firewall/UTM with a very high forwarding rate
>firewall at least 40Gbps, by using the following (TECHNICAL SPECIFICATION)
>
>
>Data Center Firewalls/UTM
>1. Frewall throughput minimum 40Gbps.
>2. VPN throughput 17Gbps
>3. Support up to 6 million concurrent sessions.
>4. Support up to 2000 IPSec VPN peers.
>5. At least 2x10GE SFP+ ports and 12x 10/100/1000 RJ45
>6. Must support VPN clustering and load balancing
>7. Support Active/Active and Active/Standby HA
>8. Power supply redundancy.
>9. Must support IPS
>10. Integrated IPS throughput should not be less than 6Gbps
>11. Firewall system must be able to provide stateful inspection
>capabilities
>12. Firewall system must be able to support Network Address Translations
>(NAT)
>13. Firewall system must be capable of supporting the following management
>methods:
>a. WebUI (HTTP and HTTPS)
>b. Command line interface (console)
>c. Command line interface (telnet)
>d. Command line interface (SSH)
>e. Centralized Management Solution.
>14. Firewall system must be capable of preventing Denial of Service
>attacks.
>15. Must Support Virtual domains / Security zones Min. 10/250
>16. Must Support DLP
>17. Must Support Web Filtering / Content Filtering
>18. Anti (Virus, Spams, Malware, Spyware)
>19. Logging management capability
>20. Load balancing capability
>21. System must support SNMP (v 1,2,3).
>22. Internal storage Min. 60GB
>
>The above spec could apply to juniper, cisco, hp, xtreme ...etc, any
>recommendation should I add/adjust to my  TECHNICAL SPECIFICATION.
>
>-mad
>_______________________________________________
>cisco-nsp mailing list  cisco-nsp at puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/




More information about the cisco-nsp mailing list