Tom's Hardware > Forum > General Networking > Firewall > Is the Netscreen 5GT enough firewall for this...

Is the Netscreen 5GT enough firewall for this...

Forum General Networking : Firewall - Is the Netscreen 5GT enough firewall for this...

Tom's Hardware: Over 1.4 million members in 6 different countries available to answer all your high-tech questions. Sign up now! Its free!
Ask the community Add a reply
Word :    Username :           
 
Anonymous   05-18-2004 at 03:31:46 PM

Archived from groups: comp.security.firewalls (More info?)

 

It the Netscreen 5GT enough firewall to handle a production webserver with
20-50 sites, each receiving light (< 1000 page views/day)?

I've not been successful yet - as my 5GT in Transparent mode will fail after
4-12 hours and no HTTP traffic will go through it. Interestingly, my RDP
(remote desktop) traffic keeps flowing through it.

Netscreen support thinks it might be a Session limit problem, or possibly a
User limit problem. What exactly are Sessions and Users? Does each user
represent one IP or mac-address on the Trust side, or does it represent a
concurrent user on the Untrust side? My subdomain is a /28, which is 15
hosts - does this alone blow the 10 User limit?
And, on Sessions - does one page view = 1 session, or do you get a session
for each element of the page? And, how long do these items remain in the
Netscreen cache, and what cause them to be released/reused?

thanks for any help,
Blaker

Add a reply
Sponsored Links
Register or log in to remove.
Anonymous   05-19-2004 at 12:48:36 AM
- 0 +

Archived from groups: comp.security.firewalls (More info?)

 

Hi,

Blaker <anonymous@discussions.com> wrote:
> It the Netscreen 5GT enough firewall to handle a production webserver with
> 20-50 sites, each receiving light (< 1000 page views/day)?

Hmm. The peak, not the average laod is interesting.


> Netscreen support thinks it might be a Session limit problem, or possibly a
> User limit problem. What exactly are Sessions and Users?

Sessions are concurrent TCP-Sessions (UDP-Session, args, there is no
such thing as a UDP-session ;))

> Does each user
> represent one IP or mac-address on the Trust side,

Yes. Entry in ARP-Table.

> or does it represent a
> concurrent user on the Untrust side?

No.

> My subdomain

Subnet

> is a /28, which is 15
> hosts - does this alone blow the 10 User limit?

Not, if you have less than 10 IP-Addresses active.


> And, on Sessions - does one page view = 1 session, or do you get a session
> for each element of the page?

Each element triggers a http request, which might trigger a single
TCP-session.

> And, how long do these items remain in the
> Netscreen cache, and what cause them to be released/reused?

The end of the session?

Greetings,
Jens

Reply to Anonymous
Ask the community Add a reply
Tom's Hardware > Forum > General Networking > Firewall > Is the Netscreen 5GT enough firewall for this...
Go to:

There are 432 identified and unidentified users. To see the list of identified users, Click here.

Forum map
Bestofmedia Forum ©
2000-2009 Bestofmedia Group
Page generated in 0.259 seconds
Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel
Sponsored links
  • Ask the community now
  • Publish
Ad
Related Topics
See all relatives topics
They won a badge
Join us in greeting them
  • 01:00 meywd won the Freshman badge
  • 01:00 nayega won the Freshman badge
  • 01:00 gpfear won the Freshman badge
  • 01:00 Conrad925 won the Freshman badge
  • 01:00 skythra won the Freshman badge
  • 01:00 Ckaz won the Freshman badge
  • 01:00 james59 won the Uniformed badge
  • 01:00 snarl won the Uniformed badge
  • 01:00 patlabor44 won the Uniformed badge
  • 01:00 Kiren won the Uniformed badge