C613-22104-00 REV B URL Filtering or Web Control? | Page 30
Selecting a Security Solution Advanced Network Protection
The following table offers some guidelines for estimating the performance each UTM Firewall will
experience under each scenario described above.
URL Filtering or Web Control?
URL Filtering and Web Control are two services that govern which websites users are allowed to
access. The two services work in quite different ways, and therefore have different effects on
performance.
URL
Filtering
URL Filtering is a stream-based service. URLs are filtered using either a user-defined list (in which up
to a thousand blacklist and/or whitelist URL entries can be configured), or a downloadable list
(consisting of many thousands of known malicious website URLs) that can be frequently updated,
obtained via Subscription.
URLs are extracted from GET, HEAD, POST, PUT, and DELETE HTTP requests for matching against
white lists and black lists in real time. URL Filtering might be used within an organization wanting to
prevent access to a specific (user-defined) list of URLs via a low-latency stream-based service.
A
VPN
AGGREGATION
APPLICATION-
AWARE
FIREWALL AND
WEB CONTROL
REAL-TIME
THREAT PROTECTION
HIGH
SECURITY GATEWAY
Key to the
table
■ Firewall throughput
(UDP)
■ IPsec throughput
(UDP)
■ Number of tunnels
■ Number of users
b
■ Throughput (Enterprise
Traffic Mix
c
)
■ Connections per second
(TCP)
■ Number of flows
■ Number of users
■ Throughput (Enterprise
Traffic Mix)
■ Connections per second
(TCP)
■ Number of flows
■ Number of users
■ Throughput (HTTP)
■ Connections per
second (TCP)
■ Number of users
AR3050S
■ 800 Mbps
■ 400 Mbps
■ 100 tunnels
■ 50 users
■ 83 Mbps
■ 150 connections per
second
■ 10k flows
■ 20 users
■ 79 Mbps
■ 1000 connections per
second
■ 33k flows
■ 20 users
AR4050S
■ 2000 Mbps
■ 1000 Mbps
■ 256 tunnels
■ 200 users
■ 128 Mbps
■ 450 connections per
second
■ 22k flows
■ 100 users
■ 200 Mbps
■ 3000 connections per
second
■ 90k flows
■ 50 users
■ 250 Mbps
■ 400 connections per
second
■ 10 users
AR4050S
with UTM
Offload
■ 660 Mbps
■ 1300 connections per
second
■ 90 flows
■ 250 users
a. Actual performance may vary depending on network conditions and active services.
b. The number of users is a conservative estimate. When calculating the estimate, we assumed all users
have a high level of simultaneous Internet activity. The actual number of attached workstations connect-
ing via the UTM Firewall could be higher if not all are simultaneously and actively sending traffic.
c. The Enterprise Traffic Mix throughput figures are based on laboratory testing to simulate “real world”
applications and web traffic associated with a small-to-medium sized business (SMB) enterprise. This
test involves a mix of UDP, TCP and HTTP/HTTPS data types.
To Next Page
Loading...