Is there any point?
Any idea what kind of throughput the PIX itself will support if I put a couple of Gb interfaces in it?
Is there any point?
Any idea what kind of throughput the PIX itself will support if I put a couple of Gb interfaces in it?
Generally speaking, firewalls are governed by sessions and everything depends on what kind of services you are running on it. This is taken from Cisco's 525 site:
"The Cisco PIX 525 modular two-rack-unit design supports up to eight
10/100 Fast Ethernet interfaces or three Gigabit Ethernet interfaces, making it an ideal appliance for businesses that need a resilient, high-performance, Gigabit Ethernet-ready solution that provides solid investment protection. It also delivers more than 330 Mbps of firewall throughput with the capability to handle more than 280,000 simultaneous sessions."
It is bus limited -- all of the Gb interfaces on a PIX 525 are on a single PCI 32 card, if I recall correctly.
330 Mb/s is the standard PCI 32 bus limitation I believe.An important difference between the PIX 535 and 525 is that the PIX 535 uses two busses, one PCI 32 and the other PCI 64; the second generation PIX GB interface card is designed to support the PCI 64 but the first generation interface card (such as was sold with the PIX 525 originally) is not. (Which really only makes a difference if you take a card out of a 525 and put it into a 535.)
(Some of the documentation hints that later generation PIX 535 went for two PCI 64 busses, but that was not stated explicitly in any document I recall seeing.)
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.