Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 7 replies
  • Answers 2 answers
  • Subscribers 27 subscribers
  • Views 10956 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Arp Table Size

Robert Hoffmann

Is there a list with the capabilities of the ARP table for evry firewall modell? For other vendors it's easy to find.

 

Regards

Robert



This thread was automatically locked due to age.
  • 0

    Robert,

    I had a look at the datasheet but I was not able to find ARP table capability. Let's see if , can find out in that!

    Thanks

    Luk

  • 0

    Hi Robert,

    Can you give me an example of what exactly you are looking for, may be a link to what other vendor's list that could help me understand it.

    Thanks

  • 0 in reply to sachingurung

    Ok, but wondering about my question wasn't something Special....

     

  • 0 in reply to Robert Hoffmann

    I would like to add:

    maximum number of Firewall Rules or ACL allowed. Checkpoint, Fortigate show this numbers on their datasheet.

    I found this request more frequently on public tenders.

    Thanks

  • 0 in reply to Robert Hoffmann

    HI Robert 

    We do not have a current official document on the product datasheet , But We have added the Firewall Sizing Chart to check which device should you choose for your environment . 

    Since arp entry correlates to an ipaddress would the sizing guide be a 1:1 representation of arp

    The net.ipv4.neigh.default.gc_thres1, 2 ,3  on my system are set to..

     

     

    Thresh1 = the minimum number of entries to keep in arp cache, “garbage collector will not run if there are fewer”

     

    Thresh2 = the soft max to keep, the garbage collector runs after the allowed number exceeds this for5 seconds

     

    Thresh3 = the garbage collector will always run if there are more than this…

     

    So our minimum is 16384 and max is 32768

     

    Which is higher than the values in the tables noted.

  • 0

    Thank you for your efforts. Now the position of Sophos in Gartner MQ is obvious to me. IP entry isn't ARP entry. I have to decide for a performant and redundant firewall system for 5k users. I will decide for a Fortinet or Palo Alto System. It's more easy for me to explain my decision to my investors.

  • 0 in reply to Robert Hoffmann

    Robert,

    it depends on your needs. Contact a Sophos Partner to understand your needs in terms of feature and budget.

    UTM9/XG can fit on it in some cases. For example, web filtering is now working great on XG, WAF is not included on Fortigate (you need a separate appliance) and log the same (FortiAnalyzer).

    Anyway every products have its good/bad feature sets.

    Regards,