I'm asking this because I've always been lucky on this front I guess. I see posts on here about firewall recommendations that to me, seem oversized. But the people who are making the recommendations seem to really know what they are doing so I'm curious how you would size a firewall. Let's assume you know nothing about the vendor and the specs they list are accurate (they can really do what they say). Now lets say someone asks you to purchase a firewall for a site that has 400 employees of medium bandwidth usage. Let's say they use about 30Mb's on average for download (total for all users) and 10Mb's upload. We will assume no growth is expected and their connection is 50Mbs. They host a web server and Exchange onsite and want IPS for these devices as well as layer 7 policies for everyone. They will also use AV scanning on the firewall.
Assuming you can't ask a vendor to size it for you, what would you look for on the spec sheet to determine the size? I would use throughput and total sessions (with about 200 per user as a ballpark). But as I said, this normally makes me come in smaller than lots of other people.
Feel free to use a real vendor as an example.
No comments:
Post a Comment