Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
347
Views
0
Helpful
2
Replies

What is affecting the performance of a Pix firewall?

adrian.grigorof
Level 1
Level 1

‎06-30-2004 07:00 AM - edited ‎02-20-2020 11:29 PM

Here is a question for Pix gurus:

What puts a heavier load on a Cisco Pix firewall:

- 4000 DNS requests generating 1 MB of traffic

or

- 1000 HTTP requests generating 50 MB of traffic

or

- 10 FTP downloads generating 500 MB of traffic

Is the Pix using more resources to establish a new connection or to pass traffic through an existing one? So Pix resources (memory, CPU) not Internet bandwidth.

Adrian Grigorof

Developer, FireGen for Pix Log Analyzer

http://www.eventid.net/firegen/firegenpix2.asp

0 Helpful
2 Replies 2

scoclayton
Level 7
Level 7

‎06-30-2004 06:06 PM

Difficult to answer...in general however, the PIX spends more time building and tearing down connections and translations so #1 above would most likely be the winner.

Scott

0 Helpful

jtroney
Level 1
Level 1

‎07-01-2004 03:21 AM

Adrian,

I think the answer is somewhat dependent upon

whether or not "fixup" is enabled for DNS, HTTP, and

FTP first and foremost, and configuration options

disabling SYSLOGGING ....

(Which would tend to cause problems for any type

of log analysis....)

Then, followed by the hardware platform whether

standalone PIX525/535 or FWSM/7600 FWSM/6500.

There is obviously more work in establishing connections, setting up internal tables, which

would tend to lead one to suspect 4000 DNS requests

coming in at once would probably be more CPU intensive than the others listed.

John T. Roney

AT&T

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card