Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Will a Pentium III-500 do as firewall?

Posted on 2005-03-29
Medium Priority
Last Modified: 2013-11-16
We have a small network of about 8 machines, one webserver, low traffic. The new webserver (P4-2.4GHz) works quite fast from the inside. Pages normally display in less than 1 second. From the outside it takes up to 5 seconds. Typically nothing happens for about 3 or 4 seconds, and then suddenly the page appears. When inside, visiting other websites, we have a normal speed.

The firewall/router is an old Pentium III-500 (320MB) machine running Windows 2000 and Isa Server 2000. (Memory usage is about 150MB.) Can this be the bottleneck? I heard that a 486 could be used as firewall. Are there tools to test what causes the delay? Is a Linux firewall faster? Or a hardware firewall?
Question by:grexx
  • 3
  • 2

Accepted Solution

TannerMan earned 600 total points
ID: 13654232
I have ran isa 200 on a p-2 333 with 128 ram before. No real problems due to machine power. I think your machine horsepower is adequate.

Your speed when accessing your fast web server from the internet is so very determined by a whole host of uncontrollable areas. The DNS server's used to resolve your web site name may be slow.  This can be the any of the multitude of DNS servers hops are made across to get from test locatoin to your web server. The internet connection your viewing from may have a bottle neck. Especially if it's something like a cable modem that can be slow during peak usage times.

Unless you have a very complicated ISA implentation I don't think your slow down is there.

Also, 5 seconds to load just about any website from the internet is really a good speed. There are two reasons it is faster on the inside of your network than outside....

The server is local of course, and that the ISA server, if set up with it, is caching web visits. This means when your client hits the ISA server from the inside the ISA server spits the webpage back and not having to wait for it to contact your web server and retrieve the page.

Assisted Solution

bloemkool1980 earned 400 total points
ID: 13659623
I would say your machine is powerful enough. THe page load depends a lot on your browser.
Are you using http 1.0 or http 1.1
Are you using IE?
Is the speed the same with an alternative browser?
The bottleneck is not your isa I really doubt it. A hardware firewall will have more performance that is pretty sure but what is you link speed to internet?

Author Comment

ID: 13660034
Thanks for the replies. I thought the machine was fast enough. I can try a test though. We have a second IP-address that is not used. I can put a spare machine (disconnected from the rest of the network) directly on that address, and then compare connections from the outside to both machines. If that is really faster, then something on the network is slowing the site down.

At home I have a 3Mb cable connection, and about 400kb upload. At work we have a 1MB DSL connection. When at work, with my computer at home working (Mac G4-400), that webserver is a lot more responsive (1 second to display a simple page). At home I have a simple Netgear Firewall/router, and a software firewall as well (standard Mac OSX).

I know 5 seconds is not all that bad, but we have customers complaining that it's slow. What confuses me a bit is that for about 4 seconds nothing happens, and then suddenly everything appears quite fast. It looks like somewhere there's a delay. Normally you see a page loading, building up, data coming in, if it's really big. That doesn't seem to happen.

It could be one of the DNS hops. Can I test that? Shouldn't they change for different users or different times? I thought they were not fixed. Browsers don't seem to matter. I use Firefox and IE to compare.
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.


Expert Comment

ID: 13660760
Well, the 3-4 seconds wait with nothing appearing sometimes is related to the type page it is. I mean html, asp, aspx ect.
DNS hops chages with not only where your geographicly located, but even changes per request from same place.
When you say customers are complaining, are the complaints from a 5 second load time, or are some waits much longer? You can test from a spot like www.dnsreports.com, but it will be a test FROM their paticular hops to get to it, but it will give you the timing of each hop.

I wish you luck with it, but I am not sure what to tell you to look at next. I'll continue to give it some thought though.

Author Comment

ID: 13705524
The type of page cannot be the cause. If I open the page from our intranet, it opens in less than 1 second.

It turns out it has to do with the domain name. We have several, all going to the same webserver and sites, and one of them is fast as should be. Our new domain name (because of company name change) is slower. I'll probably open a new question about this.

Tannerman, your link to dnsreports was not really useful. At least I couldn't find anything there. It looks like one of those sites that have their domain name registration expired?

Author Comment

ID: 13724769
If you want to earn some extra points, look at:

DNS problem: differences in response time between domain names and subdomains

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Integration Management Part 2
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month14 days, 6 hours left to enroll

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question