Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 13010 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPS throughput

gimmy Hsueh

I bought a XG125 this year , and have a spec question. XG125 has high performance numbers as below :
Throughput 5,000 Mbps
IPS 1,000 Mbps
Concurrent connections 6,200,000
New connections/sec 35,000

I read the datasheet of XG125 , cannot find the testing critria note.
Like fortinet datasheet NOTE , IPS performance is measured using 1 Mbyte HTTP files , and Concurrent connection too.

I just wonder in what condition , XG series has this high score numbers?

Fortinet NOTE :

Firewall Throughput (1518 / 512 / 64 byte UDP packets)

Note: All performance values are “up to” and vary depending on system configuration. Antivirus performance is measured using 44 Kbyte HTTP files. IPS performance is measured using 1 Mbyte HTTP files.

 



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to lferrara

    Hi lferrara

    Agree you, but I just wonder the testing critria of XG firewall.

    Like the other brand in the market , ex: fortinet has note in the datasheet. 

    Firewall Throughput (1518/512/64 byte UDP)

    IPS performance is measured using 1 Mbyte HTTP and Enterprise Traffic Mix

    1. IPS performance is measured using 1 Mbyte HTTP and Enterprise Traffic Mix. 2. SSL Inspection is measured with IPS enabled and HTTP traffic, using TLS v1.2 with AES256-SHA. 3. Application Control performance is measured with 64 Kbytes HTTP traffic. 4. NGFW performance is measured with IPS and Application Control enabled, based on Enterprise Traffic Mix. 5. Threat Protection performance is measured with IPS and Application Control and Malware protection enabled, based on Enterprise Traffic Mix. 6. CAPWAP performance is based on 1444 byte UDP packets.

    I think it is reasonable to have this note with XG's high performance, just for user's reference. 

    Thank you.

  • 0 in reply to gimmy Hsueh

    Gimmy,

    I agree with you that more information on datasheet should be included. I do not agree with you about the datasheet in general.

    Vendors inside their datasheet wrote the Maximum performance and never the performance combined with other modules/engines. On Fortinet boxes (Fortigate) they promise gigabit and gigabit of performance but once you test them on a real benchmark (I did a benchmark on several appliances), performances go down and down as soon you enable other modules, so datasheet in this case are not very helpful.

    On UTM9, instead, I have to say that promised performance (Real Word performance from datasheet) can be used as "real" factor. I did not test the performance yet on XG, because I am still using UTM9 on most of the installations that I manage, but I expect that Sophos keeps their promises!

    Regards