NSA 4700 real-world SSL DPI and CFS performance
OESTech
Newbie ✭
Hi all,
I've got two NSA 4700 in active/standby HA. We are a school with maybe 1100 teachers, staff, students.
Does anyone have a good sense of the load on the firewall if I turned on CFS and SSL-DPI? I was watching a Sonicwall video on SSL-DPI and in their example a single user peaked at 210 SSL-DPI connections. If that's the case I'll eat up our 350,000 max connections pretty fast.
Category: Mid Range Firewalls
0
Answers
i would say start small like all I.T. pc's with the certs; you will see alot of sites not loading and might have to start a whitelist; phone calls got to be to much for us and went to endpoint third party to do the scanning on client end,, I'm all ears to make this work as it should but it just doesn't pan out for us. as far as connections i would say your correct.