Options for a 24-port firewall?

Gwendolynn ferch Elydyr gwen at reptiles.org
Sat Oct 29 16:56:31 PDT 2005


On Sat, 29 Oct 2005, Michael T.Halligan wrote:
> I'm sitting around, analyzing my firewall needs. My needs are pretty simple. 
> I need to be able to throw a lot of customers on their own 100mb firewall 
> ports. Most customers will never use more than about 3 mb/s. Given this, 
> I expect the overall throughput for 24 customers, given some flux, to be 
> about 150mb/s.  Ideally, I'd love to throw Linux or OpenBSD onto a box 
> that has 1/2 dozen quad ethernet cards.. I'd also like to keep the budget 
> per firewall under $7.5k, which rules out any commercial solution.
>
> Given these requirements, am I insane?

Er... given the lack of requirements, you may be insane ;>

What do you want this 'firewall' to do ;>  Is this supposed to do
stateful inspection? vpn? simple port filtering? nat?  the thousand
monkey cha-cha? *grin*

Is there a reason to want all of the customers on the same device? We've
certainly had plenty of entertaining examples of devices using logical
separation to enforce security/traffic failing miserably.

All that aside, there are a metric ton of appliance-class firewall devices
that will push the amount of per-customer traffic you're describing, and
come in well under $1k/box, never mind $7.5k/box...  (or was that a typo
intended to read "$7.5k total")?

cheers!
==========================================================================
"A cat spends her life conflicted between a deep, passionate and profound
desire for fish and an equally deep, passionate and profound desire to
avoid getting wet.  This is the defining metaphor of my life right now."


