Frank Wortner wrote
For what it's worth, there are some basic questions I'd like to have
answered about a firewall product.
How many HTTP, FTP or what-have-u-P sessions can it sustain with some
reasonable level of throughput?
Even assuming that it does failsafe, at what point does it do so?
If it doesn't failsafe, what does happen?
What are the warning signs of impending failure or resource exhaustion?
What parameters should we watch for signs of capacity exhaustion?
When do individual components, such as logging subsystems reach
capacity? What happens then: do they fail, do they throttle
There are others, but these are just the ones that come to mind. The
response and failure under load information are particularly
a site like this, where we have to sustain litterally thousands of
WWW/FTP/GOPHER sessions at once.
There is useful knowlege to be gained here --- IFF less time is spent
arguing and more time spent testing, measuring, and publishing!
At last, some sense in this argument (IMO)! Surely, when buying anything, a
sensible buyer will decide more or less what spec he/she wants, and then
find the best product fit for that spec. Testing, then, should not
concentrate on what the supplier said the product *can* do (in most
countries you can sue against false advertising claims), but rather on
whether your designated spec is *actually* what you thought you wanted, and
what the product *can't* do that you thought it might (eg throughput
testing, etc). Certainly, that's the approach I've always used, and noone's
fired me yet!
As an aside, what does a pilot need a firewall for? I thought they were
busy enough as it was, without engaging in Web browsing!
Networking is for people <| who don't know how to SAIL
_____/ | \________
/ / | \ \
/ / | \ \ /\
/\ / /____| \ \ / \
/ \/ _______|_____\__ \/ \
/ \ Jay Barnes / \