3810 Views | 10 Helpful | 8 Replies

firewall throughput

adamgibs7 (Level 6)

Dears,

I want to size a firewall. The customer told me that he has video traffic in TBytes that he needs to transfer from an MPLS link, but I need to size the firewall processing throughput. How can we do that? The customer is not aware of connections-per-second generation.

Thanks

2 Accepted Solutions

8 Replies

balaji.bandi (Hall of Fame)

Here is how FW throughput is calculated:

https://community.cisco.com/t5/security-documents/calculating-throughput-on-the-asa/ta-p/3161350

ASA is getting End of Life, so you need to look at Firepower firewalls (always account for 20% extra over what you currently have, so that in case traffic increases you can still accommodate it).

You can find examples like the one below:

 

https://www.cisco.com/c/en_uk/products/security/firepower-2100-series/index.html

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Dear Balaji,

Thanks, Balaji, for the documents; they are good to start with. But if I have data in TB that will be processed by the firewall, which Cisco FTD would you propose? The calculation in the example is done on the existing utilization of the interface. If I have data in TB, this does not mean that my whole data is going to flow in one shot; this will be decided by the devices on both sides (transmit and receive) agreeing on the transmission, and it will also depend on the MPLS link bandwidth used to transmit the data. So in this case how should I calculate the throughput? Based on the link you provided, for 1 TB of data to be processed on the firewall, which firewall would you suggest?

From your link, below is the math:

1 TB * 8 = 8796093022208 bits / 1024 / 1024 / 1024 = 8 Tbps. To require this much throughput from the firewall device is not correct math.

1 TB of data has to move from a 1 Gig interface, and the MPLS bandwidth is 1 Gig. The firewall I would choose is the 2120 FTD with 3 Gbps of throughput with threat protection enabled, which will transfer the 1 TB of data in 2 hrs 20 min.

Below is the math; please correct me if I'm wrong.

1 TB is 1000000 MB, so converted to Mbps (1000000 * 8) = 8000000 Mbps. Now my MPLS bandwidth is 1 Gbps, i.e. 1000 Mbps, so if we divide 8000000 / 1000 = 8000 seconds; further divide the seconds by 60, and again by 60 to get the answer in hours, so the result is 2 hrs 20 min.

Thanks

Adam, you are correct in surmising that you should size the firewall based on the connected/upstream links; we care about throughput, which correlates with circuit bandwidth, not about volume.

Regarding your calculations, there's more complexity to it. Remember that data storage is based on powers of 2. So 1 TB = 2^12 bytes = 1099511627776 bytes x 8 bits/byte = 8796093022208 bits. Then, when we convert, data speed is based on powers of 10. So 1 Gbps = 1,000,000,000 bits per second.

However, the time to move that much traffic through the firewall also includes many other factors. For instance, the source file's data bits need to be wrapped in an application format, transferred to TCP, which is transferred to IP, which is transferred to Ethernet frames. In the MPLS provider's backbone those Ethernet frames will further have MPLS tags added and may have lower-level overhead like Ethernet encoding onto an optical transport network. Then there are things like the bandwidth-delay product and how the firewall's Snort process handles the flow (or whether you have exempted it with a fastpath rule in a prefilter policy).

https://en.wikipedia.org/wiki/Bandwidth-delay_product

https://www.cisco.com/c/en/us/support/docs/security/firepower-management-center/200420-Processing-of-Single-Stream-Large-Sessio.html

Sometimes the best way to move a terabyte or more of data is to copy it to removable media and ship it to the destination. Use next-day air shipping if speed is a priority. The potential bandwidth is huge, though the latency isn't so great.

Nice to hear that you did some homework for the requirement here:

Is this total transfer to be done in a given time? This is subject to source and destination (whether this is over a private circuit or over the Internet varies). It depends on the contract you have with the provider.

"1 TB is 1000000 MB, so converted to Mbps (1000000 * 8) = 8000000 Mbps. Now my MPLS bandwidth is 1 Gbps, i.e. 1000 Mbps, so if we divide 8000000 / 1000 = 8000 seconds; further divide the seconds by 60, and again by 60 to get the answer in hours, so the result is 2 hrs 20 min."

Yes, this is correct. If you have a full 1 GB MPLS connection SLA, most of the time you will not get 100% due to other overheads (again, my statement above will apply).

If the link is dedicated and no other services are using it, I take about 80% of link capacity and calculate; this relates to the speed of flow in and out on the interface.

Other factors not counted, like how the local system writes the logs of that TB of data to disk, need to be factored in here.

If you did the calculation and 21XX is good to go, fine; if I had the budget I would go with 2130 or 2140, looking at future requirements. Always have some buffer on the capacity.

Hope this makes sense?

 

 

BB


Dear Balaji/Marvin,

You are all VIP experts and I need advice from you people.

One question before I end this thread; please correct me if I'm thinking wrong.

If the customer is buying only a 100 Mbps MPLS link, the firewall processing throughput will reach up to 100 Mbps (+-); please have a look below:

server A ---firewall (3 Gbps)----MPLS (100 Mbps)-------MPLS 100 Mbps-----firewall (10 Gbps)-----server B

When I'm sending traffic from the branch to HO, below are the points that need to be considered by the devices.

The server will process according to its compute resources; the traffic the server processes should be accepted by the firewall compute and also by the MPLS link. So in the end the traffic that can be transmitted to HO will not be more than 100 Mbps, if both servers agree on the TCP negotiation (TCP fragmentation etc.). So even if I keep a huge firewall throughput, the processing throughput of the firewall will be little more or less than 100 Mbps. I do understand that we need to keep a buffer for future growth and also for the traffic that is moving east to west between the interfaces.

Please correct me if I'm wrong.

Thanks

Dear Balaji/Marvin,

I need expert advice to confirm the above thoughts; please correct me if I'm wrong.

 

Thanks

@adamgibs7 

In the scenario you have described, having a 100 Mbps MPLS circuit will limit the end-to-end throughput to no more than 100 Mbps. No matter what size of firewall is in the path, overall end-to-end throughput cannot exceed the speed of the slowest link.

"If the customer is buying only a 100 Mbps MPLS link, the firewall processing throughput will reach up to 100 Mbps (+-); please have a look below:

server A ---firewall (3 Gbps)----MPLS (100 Mbps)-------MPLS 100 Mbps-----firewall (10 Gbps)-----server B"

The max bandwidth you see here is 100MB, so where is the full wire-speed 10GB requirement? A lower model is good enough to cater to your requirement, but if you have the budget, buying a higher model does no harm; for me, though, it is investment blocking here.

 

BB

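A small calculator for the arithmetic argued over in this thread: Adam's transfer-time estimate, Marvin's point about binary versus decimal terabytes and framing overhead, Balaji's 80% usable-capacity rule of thumb and 20% growth buffer, and the slowest-link bottleneck in the branch-to-HO path. This is an added example, not code from any post; the 80% efficiency and 3% overhead figures are illustrative assumptions, not vendor numbers.

```python
# Added example (not from the thread): transfer-time and bottleneck arithmetic.
# Efficiency (0.8) and framing overhead (3%) below are assumed illustrative values.

TB_DECIMAL = 10**12   # 1 TB as disk/storage vendors label it (powers of 10)
TB_BINARY = 2**40     # 1 TiB, the powers-of-two convention Marvin refers to
GBPS = 10**9          # circuit rates are decimal bits per second
MBPS = 10**6


def path_bottleneck_bps(link_rates_bps):
    """End-to-end throughput is capped by the slowest hop in the path."""
    return min(link_rates_bps)


def transfer_seconds(volume_bytes, rate_bps, efficiency=1.0, overhead_pct=0.0):
    """Seconds to move volume_bytes over a circuit of rate_bps.

    efficiency: usable share of the circuit (0.8 = the 80% rule of thumb).
    overhead_pct: extra bits on the wire from TCP/IP/Ethernet/MPLS framing,
    as a percentage of payload (assumed; real value depends on MTU/encap).
    """
    if rate_bps <= 0 or not 0 < efficiency <= 1 or overhead_pct < 0:
        raise ValueError("rate > 0, 0 < efficiency <= 1, overhead_pct >= 0")
    wire_bits = volume_bytes * 8 * (1 + overhead_pct / 100)
    return wire_bits / (rate_bps * efficiency)


def hms(seconds):
    """Split a duration in seconds into (hours, minutes, seconds)."""
    s = int(round(seconds))
    return s // 3600, (s % 3600) // 60, s % 60


def firewall_sizing_mbps(link_rates_bps, growth_pct=20.0):
    """Throughput a firewall must sustain for this path: the bottleneck
    rate plus a growth buffer (20% follows Balaji's suggestion)."""
    return path_bottleneck_bps(link_rates_bps) * (1 + growth_pct / 100) / MBPS


if __name__ == "__main__":
    # Adam's scenario: 1 TB over a 1 Gbps MPLS link, ideal conditions
    print(hms(transfer_seconds(TB_DECIMAL, GBPS)))
    # Same volume in binary TB, 80% usable link, 3% framing overhead (assumed)
    print(hms(transfer_seconds(TB_BINARY, GBPS, 0.8, 3.0)))
    # Branch-to-HO path from the thread: 3 Gbps FW, 100 Mbps MPLS, 10 Gbps FW
    path = [3 * GBPS, 100 * MBPS, 100 * MBPS, 10 * GBPS]
    print(path_bottleneck_bps(path) / MBPS, "Mbps bottleneck")
    print(firewall_sizing_mbps(path), "Mbps with 20% growth buffer")
```

The ideal-case run gives 8000 s for 1 TB at 1 Gbps; the binary-TB run with the assumed 80% efficiency and 3% overhead lands well over three hours, which is the gap Marvin and Balaji describe.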