[rokudan]

Curious about everyone's stats...

Back when I got into managing a CheckPoint system, it was running Firewall-1/VPN-1 version 3.0 on a Windows NT box. Short on money, we put everything into one box... Management Server, Gateway, and Logging... I think it was a Pentium 300 or so, with 256 RAM... We had about 130 users behind it, maybe 20 rules, and a few custom defined objects.. And not too much traffic.. I logged everything in accounting mode... System worked well, never a single crash, except for the time I decided to modify the rules file manually and hosed it... But it typically ran at 60-70% CPU, and 75% memory... Scrolling through the log file was a nightmare, even though I wrote a nice logswitch file, that kept them small... I'll include that at the end for nostalgic purposes...

Anyway, now a days times have changed... And I have a decent setup for our core firewalls...

We have two clusters.

Cluster 1 (Production Firewall)
2 Nokia IP530's

Cluster 2 (Internal Firewall)
2 Nokia IP530's

Both have 512 RAM. And the two do interface together to pass traffic...

Each cluster has it's own policy file, but share , mgmt server, logging and objects. They are currently managed by a single Windows box, and logging to it as well. That Windows box is an out of support Dell Pentium 800 with 1 gig RAM. (Don't worry I am moving to SPLAT on a new box for mgmt, and another new box same for logging.. Both 3GHz and 2 gig RAM)

Total we have about 2000 custom objects, and about 1200 custom services... Each policy has around 200 rules incorporating those objects and services...

We currently run about 5-10% CPU and around 60% memory... On the Gateways... The Mgmt/Logging server runs about 7% except when viewing logs or building/pushing policy, then spikes from 50-100% CPU...

As in the past, they are rock solid, and have yet to let me down... I've some changes to make since taking them over, but that will come in time...

So, what platforms and stats are the rest of you working with?