CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 8 of 8

Thread: Verizon FIOS 800 mb/s service. How would a 680 hold up to that?

  1. #1
    Join Date
    2007-10-12
    Posts
    141
    Rep Power
    13

    Default Verizon FIOS 800 mb/s service. How would a 680 hold up to that?

    Verizon has it's GIG internet service available in my area. Kind of a lawsuit ready to happen because they are calling it gig, but saying it's good to 900 mb/s or so but in any event it's lot faster than the 150/150 that I current have.

    I ditched Verizon equipment long ago and have 2 locations on 680's VPN'd. I'm considering the upgrade to both sites as I do nightly backup swaps across the lines for off-site redundancy. With those speeds I'd considering moving more of the backup offsite every night.

    The 680 does have a gig WAN port but I was wondering if it would give me access to all of that speed? I think I ready somewhere that someone lab tested them and got pretty good speeds. I've actually got 2 680 demo units that only run for 30 days between resets so I might cable them up and give it a go to see how fast they'd run.

    Do you think the 680's will keep up with Verizon's new GIG service?

    Thanks,

    Roveer

  2. #2
    Join Date
    2005-08-14
    Location
    Gig Harbor, WA, USA
    Posts
    2,494
    Rep Power
    17

    Default Re: Verizon FIOS 800 mb/s service. How would a 680 hold up to that?

    Under ideal conditions with firewall only, maybe, but in a production scenario, probably not.
    The 1100 Series Datasheet, which uses the same hardware as the 600 Series, quotes the following for the 1180 (same as 680):

    • Production Firewall Throughput: 350 mb/s
    • Production Threat Prevention Throughput: 30 mb/s

    The 700/1400 Series appliances have significantly better hardware and (firewall only) should be able to keep up.
    Threat Prevention throughput is also significantly better, but not quite to the level of 900 mb/s.
    Full details here: https://www.checkpoint.com/products/...specifications
    http://phoneboy.org
    Unless otherwise noted, views expressed are my own

  3. #3
    Join Date
    2007-10-12
    Posts
    141
    Rep Power
    13

    Default Re: Verizon FIOS 800 mb/s service. How would a 680 hold up to that?

    Quote Originally Posted by PhoneBoy View Post
    Under ideal conditions with firewall only, maybe, but in a production scenario, probably not.
    The 1100 Series Datasheet, which uses the same hardware as the 600 Series, quotes the following for the 1180 (same as 680):

    • Production Firewall Throughput: 350 mb/s
    • Production Threat Prevention Throughput: 30 mb/s

    The 700/1400 Series appliances have significantly better hardware and (firewall only) should be able to keep up.
    Threat Prevention throughput is also significantly better, but not quite to the level of 900 mb/s.
    Full details here: https://www.checkpoint.com/products/...specifications
    I just poked around the spec sheet and realized in order to fully utilize all that FIOS speed in a VPN configuration (which is what i would want to do), I would need the 790 series which is quite an expensive beast (x2 for both locations). Guess I'll stay where I am.

  4. #4
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,652
    Rep Power
    10

    Default Re: Verizon FIOS 800 mb/s service. How would a 680 hold up to that?

    I really don't think a 790 could fill a 800 meg pipe of vpn traffic. vpn will always land on a single core (unless running that special r77.20 version i think) which means those 3 other cpu cores will basically be idle due to corexl limitations.

  5. #5
    Join Date
    2013-09-25
    Location
    Bucharest
    Posts
    649
    Rep Power
    7

    Default Re: Verizon FIOS 800 mb/s service. How would a 680 hold up to that?

    Quote Originally Posted by roveer View Post
    I just poked around the spec sheet and realized in order to fully utilize all that FIOS speed in a VPN configuration (which is what i would want to do), I would need the 790 series which is quite an expensive beast (x2 for both locations). Guess I'll stay where I am.
    Or you could throw 1000E or $ and buy 2 X Fortigate 50E to reach you needs :))))

  6. #6
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,652
    Rep Power
    10

    Default Re: Verizon FIOS 800 mb/s service. How would a 680 hold up to that?

    Quote Originally Posted by laf_c View Post
    Or you could throw 1000E or $ and buy 2 X Fortigate 50E to reach you needs :))))
    isn't that model software driven? Seems like it would have a hard time with vpn traffic as well.

  7. #7
    Join Date
    2007-10-12
    Posts
    141
    Rep Power
    13

    Default Re: Verizon FIOS 800 mb/s service. How would a 680 hold up to that?

    Quote Originally Posted by jflemingeds View Post
    I really don't think a 790 could fill a 800 meg pipe of vpn traffic. vpn will always land on a single core (unless running that special r77.20 version i think) which means those 3 other cpu cores will basically be idle due to corexl limitations.
    Spec's for 790 show 1,000 mbp/s vpn. Would think it should be able to run at 80%, no? In any event, it's all a bit pricey (cost of service, new hardware). Sure would be nice to have all that speed. Hopefully as time goes on, it will become a commodity and the cost will be reasonable.

  8. #8
    Join Date
    2013-09-25
    Location
    Bucharest
    Posts
    649
    Rep Power
    7

    Default Re: Verizon FIOS 800 mb/s service. How would a 680 hold up to that?

    Quote Originally Posted by jflemingeds View Post
    isn't that model software driven? Seems like it would have a hard time with vpn traffic as well.
    Double checked now: 200Mbps on IPSEC. FGT 60D can accomodate up to 1Gbps of IPSEC.
    How much a piece of 790 costs today?

Similar Threads

  1. Threat Emulation Hold Scanning
    By robs609 in forum Threat Prevention
    Replies: 11
    Last Post: 2016-06-24, 12:11
  2. Should We Hold a CPUG Conference in India?
    By Barry J. Stiefel in forum About This Discussion Board
    Replies: 2
    Last Post: 2010-05-31, 05:54
  3. DHCP Problem with Verizon FIOS
    By roveer in forum Check Point UTM-1 Edge Appliances
    Replies: 6
    Last Post: 2008-05-29, 15:17
  4. Verizon FIOS disconnects Every 1hr 55min
    By hooper in forum Check Point UTM-1 Edge Appliances
    Replies: 1
    Last Post: 2008-05-20, 17:53
  5. Anyone have a VPN-1 Edge connected to Verizon FIOS?
    By roveer in forum Check Point UTM-1 Edge Appliances
    Replies: 1
    Last Post: 2008-05-19, 11:38

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •