Specifications

ManualsBrandsWaters Network Systems ManualsComputer equipmentProSwitch-Quad Series

321

322

323

324

325

326

327

328

329

330

Network and System Management

329

ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308

Performance Management

• Bandwidth Capacity

• Features That Reduce Traffic

• Features That Increase Traffic

• Use QoS and Bandwidth Assignment to Shift the Traffic Mix

• Monitoring Tools for Traffic Management

Performance management consists of controlling the traffic through the VPN firewall so that

the necessary traf

fic gets through when there is a bottleneck.

You can either reduce

unnecessary traffic or reschedule some traffic to low-peak times to prevent bottlenecks from

occurring in the first place. The VPN firewall has the necessary features and tools to help the

network manager accomplish these goals.

Bandwidth Capacity

The maximum bandwidth capacity of the VPN firewall in each direction is as follows:

• LAN side. 4000 Mbps (four LAN ports at 1000 Mbps each)

• W

AN side

- Load balancing mode. 4000 Mbps (four WAN ports at 1000 Mbps each)

- Auto-rollover mode. 1000 Mbps (one active WAN port at 1000 Mbps)

- Single WAN port mode. 1000 Mbps (one active W

AN port at 1000 Mbps)

In practice, the WAN-side bandwidth capacity is much lower when DSL or cable modems are

used to connect to the Internet. At 1.5 Mbps, the W

AN ports support the following traffic rates:

• Load balancing mode. 6 Mbps (four WAN ports at 1.5 Mbps each)

• Auto-rollover mode. 1.5 Mbps (one active WAN port at 1.5 Mbps)

• Single WAN port mode. 1.5 Mbps (one active W

AN port at 1.5 Mbps)

As a result, and depending on the traffic that is being carried, the WAN side of the VPN

firewall is the limiting factor to throughput for most installations.

Using four WAN ports in load balancing mode increases the bandwidth capacity of the WAN

side of the VPN firewall, but there is no backup if one of the WAN ports fails. When such a

failure occurs, the traf

fic that would have been sent on the failed WAN port is diverted to

another WAN port that is still working, thus increasing its load. However, there is one

exception: Traffic that is bound by protocol to the WAN port that failed is not diverted.