Very Computer

It supports Sun 64-bit machines as well as Intel compatible machines.

Quote:> ITShield Networks Inc. (http://www.itshield.com) released ITShield
> firewall, a transparent application gateway firewall based on Linux.
> It can handle more than 5000 TCP sessions, unlimited UDP sessions, and
> unlimited IP sessions at application-level in parallel. It supports
> IPSEC VPN, PPTP VPN, remote administration, and user authentication.
> It is very easy to install and configure.

> It supports Sun 64-bit machines as well as Intel compatible machines.

Also, how intensively did you test it that you state it is able to handle
more than 5000 TCP sessions?

P.Krumins

In order to test the firewall's availibility and capability of handling the
high volume-traffic, we used a tool which can issue about 1000 number of
concurrent http, ftp and telnet requests to some different servers through
the firewall, and ran it on several machines. From fwadmin, a GUI tool to
manage the firewall, we saw the number of concurrent sessions reach 3000.
According to the design, the number of concurrent TCP can be more than 5000.

You may not believe because in mornal case:
    1. 300 processes running in a UNIX system makes the system very very
slow;
    2. In Linux system there is the maximum number of threads in a process,
that is 1024;
    3. There is the limit number of file descriptors a process can create.
The default is 1024;
    4. The maxmum value of file descriptor select() can handle is 1023.

Our developers modified the kernel, and adopted some special technologies so
that the firewall can handle more than 5000 TCP sessions, unlimited UDP
sessions, and unlimited IP sessions at application-level.

If you use it, you will find out the firewall can do many things that you
have never imaged.

Regards,

Viv

Quote:> Yes, it support some gigabit ethernet cards. But if your most concern
> is speed instead of security, you ought to go with a
> Stateful-Inspection firewall.

> In order to test the firewall's availibility and capability of
> handling the high volume-traffic, we used a tool which can issue about
> 1000 number of concurrent http, ftp and telnet requests to some
> different servers through the firewall, and ran it on several
> machines. From fwadmin, a GUI tool to manage the firewall, we saw the
> number of concurrent sessions reach 3000. According to the design, the
> number of concurrent TCP can be more than 5000.

> You may not believe because in mornal case:
>     1. 300 processes running in a UNIX system makes the system very
>     very
> slow;
>     2. In Linux system there is the maximum number of threads in a
>     process,
> that is 1024;
>     3. There is the limit number of file descriptors a process can
>     create.
> The default is 1024;
>     4. The maxmum value of file descriptor select() can handle is
>     1023.

> Our developers modified the kernel, and adopted some special
> technologies so that the firewall can handle more than 5000 TCP
> sessions, unlimited UDP sessions, and unlimited IP sessions at
> application-level.

> If you use it, you will find out the firewall can do many things that
> you have never imaged.

P.Krumins