Hey Guys !!!
Few days ago I posted an article - UTM vs Distributed Architecture, where I concluded that UTM today is a clear winner. But datasheets and white papers of almost all the UTM companies are either misleading or confusing. Most of the UTM vendors try to play smart by defining throughput of every feature separately and most of the buyers just look at the firewall throughput because they are looking forward to buy a firewall.
Most of the OEMs try to hide the information in the fine prints and make * marks on the feature descriptions.Now lets have look at the snapshot taken from the datasheet of an UTM,
OEM had smartly mentioned the firewall throughput - 5 GBPS and Anti Virus Throughput is 200 MBPS. Now, maximum performance of any appliance could be as much as the least performing module in it. When comparing it with any hardware modules, lets take and example of an router -
We have a router with Gigabit interface on the LAN and Serial interface on the WAN side. So, What do expect the throughput of the router to be, even if the router has the potentional to perform in GBPS it would not be able to scale beyond 2 MBPS (Max throughput of a E1 line).
Similarly In case of UTM, Even if the throughput of firewall if 5 GBPS but when Anti-Virus is enable on the appliance, It would be able to forward packets any faster than 95 MBPS (Proxy) & 200 MBPS (Flow based).
Alrite that is something which we say confusing and while buying a UTM most the Network Admins focusses on the firewall throughput during sizing phase. Apart from this what do we find at the end of the datasheet -
Wow... so when your UTM is also performing SSL offloading to scan your data from HTTPS traffic (Majority of emailing sites today operate on HTTPS), Please expect the performance to downgrade.
Idea behind this post was not to discourage you from buying an UTM appliance but to guide you all about how to size your device properly after looking at all the aspects of your applications and end user behaviour.
Alrite guys.. just a thought I wanted to share with all you guys and trying to bring some awareness toward UTM sizing. Thanks for reading !!!
To know more about the advantages of using an UTM - Read This
Now cisco too had entered the UTM market - but an advance one
You might also like to read -
Want to know more about LISP - Read This
Cisco Nexus Overlay Transport Virtualization - Read This
Cisco Nexus FabricPath - Click Here
Cisco Nexus Fibre Channel over Ethernet - Read This
