SonicWALL's initial response to results of our SSL decryption tests was "you've got to be kidding - we go way faster than that." Indeed, the vendor's internal tests showed the Supermassive decrypting SSL traffic at rates well into the gigabit range, compared with less than 100 Mbps in some of our tests.
SonicWALL's initial response to results of our SSL decryption tests was "you've got to be kidding - we go way faster than that." Indeed, the vendor's internal tests showed the Supermassive decrypting SSL traffic at rates well into the gigabit range, compared with less than 100Mbps in some of our tests.
The difference has to do with the rate at which we offered traffic, and the results say something interesting about the way highly parallel systems work.
The Supermassive is aptly named. Its CPUs have 96 cores (and up to 384 cores in a high-availability cluster with four systems). As new flows come in, the system assigns them to new cores, repeating the process until all cores are fully utilized.
The forwarding-rate tests used the same configuration as the earlier evaluation of Palo Alto's PA-5060, with the Spirent Avalanche traffic generator configured to emulate concurrent 126 "SimUsers" (a load-generation concept similar to one user going through a list of URLs). With that load, the Supermassive's overall system CPU utilization barely topped 2%, suggesting it had plenty of headroom to handle higher traffic rates.
As SonicWALL predicted, rates shot up - way up - as we added SimUsers. The maximum load its system could handle without errors was around 5,800 SimUsers. The resulting forwarding rates - around 4.8Gbps in some cases - were far higher than those with 126 SimUsers.
We also tried a few SSL decryption tests with 5,800 SimUsers on the other vendors' systems, but none could handle that load without at least some transaction failures.
SonicWALL says the difference in results isn't so much a function of the number of users as the rate at which we offered traffic. We agree; on a per-user basis, the rates are pretty similar in the 126- and 5,800-SimUser tests. In this light, there's merit to SonicWALL's assertion that the 126-SimUser configuration didn't push its device hard enough.
On the other hand, other devices moved traffic from the same 126-SimUser configuration at higher rates. Since we used the same test with all devices, the different results can only be explained by device architecture. The other devices tested may have had higher CPU utilization, or deeper buffers, or both.
SonicWALL's Supermassive can decrypt SSL traffic very fast - in fact these one-off tests show it to be the fastest device by far. At the same time, its highly parallel architecture may produce lower rates in situations where a relatively few flows are active at any given time.
Here are some alternative email services to Gmail, and the one that I picked while trying to kick...
Facebook has a new logo, though most will be hard-pressed to tell the new one from the old one.
A carrier technology that uses Wi-Fi frequencies to provide LTE connectivity could let the big wireless...
Sponsored by SevOne
Sponsored by HP
DDoS attacks can be amplified through SOHO routers that still use the Routing Information Protocol...
Business is booming in 2015, and across the country IT organizations are loosening the purse strings...
In this free PDF download, you'll get step-by-step instructions for setting up VPN access to SQL...
A look at the high-tech tools Cisco employs to establish communications in areas that have recently...