[j-nsp] Juniper Firewall Platforms
Amos Rosenboim
amos at oasis-tech.net
Wed Aug 15 06:21:49 EDT 2007
Hello,
I do have some experience with the SSG series (running ScreenOS). I
like those devices very much, although I did not use them in
transparent mode, and did not get near the performance you expect.
They do have a feature (licensed one) called deep inspection, which
is sort of IDP/IPS functionality performed by the firewall.
As expected, such feature has a significant performance impact. I did
not find any documentation in the Juniper web site on how much of
performance impact, but from my personal experience (protecting a web
server) it was more then 70%.
Regards
Amos
On Aug 15, 2007, at 8:36 AM, TCIS List Acct wrote:
> Hi all,
>
> We are looking at purchasing a new firewall platform to replace a
> pair of aging
> PIX 520s, and Juniper has several offerings that may fit.
> Specifically, we need
> Layer 2 / Transparent Mode support and around 400Mbit of firewall
> throughput.
> No real need for VPN, but IPS support would be nice. We are
> looking at the SSG
> series and the NetScreen 200/500. Any experiences with these
> devices or advice
> would be appreciated.
>
> --Mike
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list