Solved

Endian Firewall Max Users Supported

Posted on 2009-07-09
4
3,166 Views
Last Modified: 2013-11-16
Hi guys, I have 1 querie.

I would like to know the maximum users that the product Endian Firewalls Supports? ( Free Edition )

We are going to use for  Dual Wan and Load Balance features in a company of 1500 users?

believe that this product would support such a configuration?

Thx!
0
Comment
Question by:thor_08
  • 2
4 Comments
 
LVL 3

Expert Comment

by:mrworta
ID: 24913056
In general, the product itself can support this amount of users/clients.

But - how well it performs depends heavily on which hardware-setup you're using.

How many interfaces (maybe DMZ) do you want to use and how fast (10/100/1.000/10.000) are they
Which type of NIC's are in your server? What type of traffic has the firewall to deal with? (small packets, large packets, a lot of concurrent connections, nat).



0
 
LVL 2

Author Comment

by:thor_08
ID: 24914565
Hi,
The firewall configuration must have 4 interfaces (1-GREEN, 1-BLUE, 2-REDs). The NICs are 100MBps and behind de Endian should be an ISA Server that would make the NAT job. So Endian should just forward paquets to the ISA Server. The concurrency is high and I need Endian to make Load Balanced and Fail over... Is that possible with the free version? What version do you recommend? WHat hardware configuration do you recommend?
Thanks!!
0
 
LVL 3

Accepted Solution

by:
mrworta earned 500 total points
ID: 24914850
With four 100mbps NICS's and current server hardware you should have no performance problem at all.

You'll get best performance if you have a minimum of 4 CPU core's (not HT, real ones).
This is because it gives you the ability to distribute soft irq's generated by network io across the cores.

For Linux firewalls in general we're using network cards where the drivers are "napi" (http://www.linuxfoundation.org/en/Net:NAPI). Which delivers a good overall performance.

The free Version of Endian does not support multi node Failover and real Load Balancing (between two or more independent hardware's), because it lacks the whole High Availability feature set. State synchronisation is crucial for load balancing.

You can use the link redundancy feature, which makes it possible to specify eg. backup ISP's.
And you could distribute traffic to two ISP's which are connected to a single firewall. But the options are limited in the free version.

If you want to set up a high availability firewall cluster, with two or more nodes, you'll need the "25+ Users" license.


For reference:
http://www.endian.com/en/community/feature-comparison/



0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
Fine Tune your automatic Updates for Ubuntu / Debian
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now