SonicWALL's initial response to results of our SSL decryption tests was "you've got to be kidding - we go way faster than that." Indeed, the vendor's internal tests showed the Supermassive decrypting SSL traffic at rates well into the gigabit range, compared with less than 100 Mbps in some of our tests.
SonicWALL's initial response to results of our SSL decryption tests was "you've got to be kidding - we go way faster than that." Indeed, the vendor's internal tests showed the Supermassive decrypting SSL traffic at rates well into the gigabit range, compared with less than 100Mbps in some of our tests.
The difference has to do with the rate at which we offered traffic, and the results say something interesting about the way highly parallel systems work.
The Supermassive is aptly named. Its CPUs have 96 cores (and up to 384 cores in a high-availability cluster with four systems). As new flows come in, the system assigns them to new cores, repeating the process until all cores are fully utilized.
The forwarding-rate tests used the same configuration as the earlier evaluation of Palo Alto's PA-5060, with the Spirent Avalanche traffic generator configured to emulate concurrent 126 "SimUsers" (a load-generation concept similar to one user going through a list of URLs). With that load, the Supermassive's overall system CPU utilization barely topped 2%, suggesting it had plenty of headroom to handle higher traffic rates.
As SonicWALL predicted, rates shot up - way up - as we added SimUsers. The maximum load its system could handle without errors was around 5,800 SimUsers. The resulting forwarding rates - around 4.8Gbps in some cases - were far higher than those with 126 SimUsers.
We also tried a few SSL decryption tests with 5,800 SimUsers on the other vendors' systems, but none could handle that load without at least some transaction failures.
SonicWALL says the difference in results isn't so much a function of the number of users as the rate at which we offered traffic. We agree; on a per-user basis, the rates are pretty similar in the 126- and 5,800-SimUser tests. In this light, there's merit to SonicWALL's assertion that the 126-SimUser configuration didn't push its device hard enough.
On the other hand, other devices moved traffic from the same 126-SimUser configuration at higher rates. Since we used the same test with all devices, the different results can only be explained by device architecture. The other devices tested may have had higher CPU utilization, or deeper buffers, or both.
SonicWALL's Supermassive can decrypt SSL traffic very fast - in fact these one-off tests show it to be the fastest device by far. At the same time, its highly parallel architecture may produce lower rates in situations where a relatively few flows are active at any given time.
Tech recruiters say Apple has lost its appeal as the top destination for talent, as startups with less...
New Sup6T has arrived, as well as a low-end supervisor for the 4500-E and a "Mini" for small sites
A prominent Linux kernel developer announced today in a blog post that she would step down from her...
The president wants to spend $3.1 billion to just to upgrade legacy systems.
The Surface Pro 4 and iPad Pro are both high-end, sleek and powerful hybrid tablets. But when it comes...
Worried about possible privacy problems in Windows 10? We offer some quick and easy ways to protect...
Imagine having large-scale, rogue IT operations right under your nose, moving massive amounts of data,...