SonicWALL's initial response to results of our SSL decryption tests was "you've got to be kidding - we go way faster than that." Indeed, the vendor's internal tests showed the Supermassive decrypting SSL traffic at rates well into the gigabit range, compared with less than 100 Mbps in some of our tests.
SonicWALL's initial response to results of our SSL decryption tests was "you've got to be kidding - we go way faster than that." Indeed, the vendor's internal tests showed the Supermassive decrypting SSL traffic at rates well into the gigabit range, compared with less than 100Mbps in some of our tests.
The difference has to do with the rate at which we offered traffic, and the results say something interesting about the way highly parallel systems work.
The Supermassive is aptly named. Its CPUs have 96 cores (and up to 384 cores in a high-availability cluster with four systems). As new flows come in, the system assigns them to new cores, repeating the process until all cores are fully utilized.
The forwarding-rate tests used the same configuration as the earlier evaluation of Palo Alto's PA-5060, with the Spirent Avalanche traffic generator configured to emulate concurrent 126 "SimUsers" (a load-generation concept similar to one user going through a list of URLs). With that load, the Supermassive's overall system CPU utilization barely topped 2%, suggesting it had plenty of headroom to handle higher traffic rates.
As SonicWALL predicted, rates shot up - way up - as we added SimUsers. The maximum load its system could handle without errors was around 5,800 SimUsers. The resulting forwarding rates - around 4.8Gbps in some cases - were far higher than those with 126 SimUsers.
We also tried a few SSL decryption tests with 5,800 SimUsers on the other vendors' systems, but none could handle that load without at least some transaction failures.
SonicWALL says the difference in results isn't so much a function of the number of users as the rate at which we offered traffic. We agree; on a per-user basis, the rates are pretty similar in the 126- and 5,800-SimUser tests. In this light, there's merit to SonicWALL's assertion that the 126-SimUser configuration didn't push its device hard enough.
On the other hand, other devices moved traffic from the same 126-SimUser configuration at higher rates. Since we used the same test with all devices, the different results can only be explained by device architecture. The other devices tested may have had higher CPU utilization, or deeper buffers, or both.
SonicWALL's Supermassive can decrypt SSL traffic very fast - in fact these one-off tests show it to be the fastest device by far. At the same time, its highly parallel architecture may produce lower rates in situations where a relatively few flows are active at any given time.
A jury in San Francisco has cleared Google of copyright infringement in a case brought by Oracle over...
A review of 19 companies that offer free cloud storage
The Internet of Things is predicted to grow to a $1.4 trillion market by 2020, which means there are...
Some 40,000 striking Verizon workers are poised to resume their regular job duties next week after...
In the field, at the server rack, or in need of a live stream, these essential IT tools will help your...
This week SaaS giant Salesforce.com and IaaS behemoth Amazon Web Services codified a partnership that...
Whenever creating a budget, there is always the rainy day fund in case of unexpected circumstances. But...