Yes, it support some gigabit ethernet cards. But if your most concern is
speed instead of security, you ought to go with a Stateful-Inspection
In order to test the firewall's availibility and capability of handling the
high volume-traffic, we used a tool which can issue about 1000 number of
concurrent http, ftp and telnet requests to some different servers through
the firewall, and ran it on several machines. From fwadmin, a GUI tool to
manage the firewall, we saw the number of concurrent sessions reach 3000.
According to the design, the number of concurrent TCP can be more than 5000.
You may not believe because in mornal case:
1. 300 processes running in a UNIX system makes the system very very
2. In Linux system there is the maximum number of threads in a process,
that is 1024;
3. There is the limit number of file descriptors a process can create.
The default is 1024;
4. The maxmum value of file descriptor select() can handle is 1023.
Our developers modified the kernel, and adopted some special technologies so
that the firewall can handle more than 5000 TCP sessions, unlimited UDP
sessions, and unlimited IP sessions at application-level.
If you use it, you will find out the firewall can do many things that you
have never imaged.
> > ITShield Networks Inc. (http://www.itshield.com) released ITShield
> > firewall, a transparent application gateway firewall based on Linux.
> > It can handle more than 5000 TCP sessions, unlimited UDP sessions, and
> > unlimited IP sessions at application-level in parallel. It supports
> > IPSEC VPN, PPTP VPN, remote administration, and user authentication.
> > It is very easy to install and configure.
> > It supports Sun 64-bit machines as well as Intel compatible machines.
> I'd rather to test it in my test enviroment, does it support gigabit
> ethernet? If not, i dont think i will be willing to test it anymore.
> Also, how intensively did you test it that you state it is able to handle
> more than 5000 TCP sessions?