On Wed, 10 Feb 2010, Mike Williams wrote:
Really, nobody firewalls at multi-Gbps?
yes, people run firewalls on 10G circuits
I am not aware of anyone filtering at 10G who is using off the shelf
hardware, with open source O/S.
Large enterprises use either commercial firewalls, for example
Juniper Netscreens, or build systems using FPGA cards with locally
produced code.
Either way the filtering is done in hardware.
In my experience the Netscreen 5x00 firewalls sold with 10G cards
and MGT3 card can not do line rate 10G, though it was marketed as
capable of 10G filtering. The newer, ie more expensive Juniper
SRX firewalls supposedly can do it. They are based on Juniper
heavy iron routers.
diana
