cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to the Cisco Small Business Community

Have a question? Click on a topic board below to get started in the community.

754
Views
0
Helpful
4
Replies
Trailerman
Beginner

SA520W - Presales Query on Performance

Hi

I wondered if I could beg some help on the SA520W and its real-world performance.

We're currently in dispute with Watchguard over the performance of their XTM-23w box.  In short it only offers 40Mbps UTM throughput, and this information was never published.  As a result our 120Mbps connection is being throttled to 40Mbps and we have to replace it.

Our first choice is currently the SA520W which appears to offer UTM throughput of 200Mbps.  Can anyone here perhaps confirm that this performance is typically delivered in the real world?  I don't mind sacrificing a little of our pipe in order to remain protected, but as TV and media compsoers, we tend to have to receive and deliver large audio and video files quickly, and so need to retain as much of our 120Mbps throughput as possible.

Any advice, feedback or general experience very gratefully received.

Jules

4 REPLIES 4
doug_counsil
Beginner

We have an SA540 and can only achieve ~18 Mbps throughput if IPS is enabled.  Verisign VIP and ProtectLink Web do not seem to adversely affect throughput however.  IPS signatures aren't kept up to date anyway so using the IPS functionality is somewhat pointless.

I hope this helps.

To add to Curtis' post, two days ago I spoke with a customer who has a 100 / 10 connection. Running IPS and protectlink, this person reached 50/4 connection. With the IPS disabled this person reached 90/8.

-Tom
Please rate helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

50 Mbps is probably more realistic with IPS enabled.  Most of our traffic is over SSL (VPN, etc.).  I think the deep packet inspection is very resource (CPU) intensive for SSL traffic.

Thoughts?

Mmmm ..... Cisco don't quote specs for IPS, but they state 200Mbps for UTM and 65Mbps for VPN.  I realize these are 'best case' figures, but it doesn't sound like real world performance is getting anywhere close to them.

I think we're going to need to have a rethink.

Many many thanks for the feedback.   I really don't want to make the same mistake twice.

Jules