Security Incidents mailing list archives

Re: A question for the list...


From: Valdis.Kletnieks () vt edu
Date: Fri, 23 May 2003 13:50:07 -0400

On Thu, 22 May 2003 16:30:52 EDT, Gary Flynn <flynngn () jmu edu> said:

> I'm not sure what to say about the problems with
> router performance. Other access control implementations
> could probably be designed to improve the efficiency of
> this process using (better?) hardware support for the
> filtering function.

The more modern Cisco boxes can handle fairly extensive ACLs at line speed,
and you can optimize it a lot by realizing that 95% or more customer ports
will have the "default" config and can share an ACL.  And the Juniper and Fore
gear has always done well in that area.

However, there's a *LOT* of mom-n-pop ISPs out there who are running old
Cisco boxes they bought on eBay ("Networking and Telecom > Routers, switches"
currently has 12,205 items listed) - and when a 7206 is running $8K, and you
can pick up a 2610 for $375, the 7206's added CPU to deal with ACLs better
be able to save you some $7,500 for it to make business sense...
