View Full Version : Improving Performance

Barry J. Stiefel
2005-08-13, 16:26
Improving Performance

While not a complete list, here are some things I would do:

Put the most commonly used rules at the top of the rulebase.
Reduce the number of rules by combining similar rules.
Reduce or eliminate the use of the security servers.
Do not use Domain objects.
Use "networks" instead of address ranges in address translation.
Reduce the number of group objects used in NAT rules.
If using Session Authentication, use the Implicit Client Auth (http://www.phoneboy.com/bin/view.pl/FAQs/ImplicitClientAuth) trick.
Where possible, do not use the Security Servers.
Reduce logging.

-- PhoneBoy (http://www.phoneboy.com/bin/view.pl/Main/PhoneBoy) - 11 Jan 2004

FAQForm (http://www.phoneboy.com/bin/view.pl/FAQs/FAQForm) FAQs.Class: MiscellaneousFAQs (http://www.phoneboy.com/bin/view.pl/FAQs/MiscellaneousFAQs) FAQs.OS: FAQs.Version: