- 10 ways the Chinese Internet is different
- Hacker writes rootkit for Cisco's routers
- Verizon snares $678 million federal network deal
- Cisco loses $2 million order to Nortel
- HP buys EDS for $13.9 billion
Most companies have a solid disaster recovery plan in place to handle a "complete failure" of its Active Directory, which is really quite rare. What most recovery plans are missing, and the most common scenario, is a means to efficiently restore single directory objects. In this paper, we'll explore what most disaster recovery plans already address, highlight potential weak points, and suggest solutions that help fill those gaps-without requiring you to completely re-do your existing plan.
Get the latest on storage technologies that allow IT professionals to better cope with new IT demands. Learn how storage technologies can help you successfully tackle e-Discover, regulatory compliance, green data center initiatives and the data explosion. Get all the details now.
Watch Raven Zachary, Research Director for Open Source at the 451 Group, an independent IT analyst firm, discuss the emergence of enterprise Linux and the role of Oracle Unbreakable Linux support.
We installed the PRO 1260 Enhanced running v3.0 Enhanced SonicOS in our lab network in front of 16 production Web servers to check security functionality and configurability. After running without incident for several days, we moved the PRO 1260 Enhanced onto our test bench for performance tests.
On the test bench, we used Spirent Communications' WebAvalanche and WebReflector to generate HTTP traffic and push it through the PRO 1260. To measure throughput capacity, we created a profile of HTTP transactions ranging in size from 2.2K bits to 1300K bits. This profile was chosen to approximate the observed HTTP traffic on a production Web farm.
We connected four of the ports on the PRO 1260 to the Spirent systems and used this profile. We gradually increased the number of connections per second until the HTTP response time added by the PRO 1260 Enhanced went above 200 millisec, which we consider an upper-limit for latency added by an Internet firewall. In our testing, we also used the PRO 1260's own monitoring tools to watch CPU load. We saw that as response times hit and went through the 200-millisec limit, the CPU load was in the high 90% range, indicating that the PRO 1260 was overloaded.
When we enabled anti-virus scanning, we used the standard settings for the PRO 1260. But because we were sending HTTP traffic through the box, most of these settings (having to do with behavior of SMTP traffic) should not have varied system performance.
When we enabled the intrusion-prevention system (IPS), we set the PRO 1260 to detect and block "high priority" events. Medium and low priority events were not enabled.
We used a similar setup to test the bandwidth-limiting feature. Using WebAvalanche and WebReflector, we configured four input and four output ports on the PRO 1260 box. We turned off anti-virus and IPS scanning, and enabled bandwidth limiting on traffic coming from the simulated HTTP servers to an aggregate of 2M bit/sec (512K per port). We then measured traffic from the simulated servers to see how well the bandwidth was limited. We also ran a test run without any bandwidth limiting to compare bandwidth usage when no limits were enabled.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com The Industry Standard IDG List Services |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
