I saw in a recent presentation that you support 100,000 concurrent connections, yet in the security services>proxy settings in the management console it shows the default value for persistent simultaneous connections at 2,000.
Also, on the presentation slide that mentions 100,000 connections it also talks about 5-7 million HTTP transactions per hours (burdened) and 5-15 ms, but in order to translate this to throughput (Mbps) we need to know what the average object/HTTP packet size was in the test methodology that created these performance metrics.
Can you please provide us this or other information regarding how you rate your appliances for throughput in Mbps? Also, is that latency of 5-15 ms assuming the 5-7 million HTTP transactions per hour, or would the latency be higher at this connection rate?
The high concurrent connections figure that you see is a duplex (client + server) TCP connections for a short period of time, and you can actually see the number of such connections by using a UNIX command on the appliance. While correct, this is more of a technical and theoretical limit. On the other hand, the "Simultaneous Persistent Connections" is the the maximum number of connections (sockets) the Web Proxy keeps open with servers for a sustained period of time. This is the practial value that we encourage you to use in your deployment.
About your Q on Mbps, I think your motivation there is sizing the hardware correctly for your environment. For a sizing that works in the real-life scenarios, we rely on the sustained HTTP requests that the appliance can handle. Multiplying it with an average object size can give you Mbps but the number can be easily manipulated by increasing the average object size. Thats why we size the hardware based on HTTP requests per second, which we can also correlate with the number of users supported. For sizing it is best to work with your IronPort System Engineer and / or log a case with IronPort Customer Support and they will be able to help you.
Obtaining Metrics for my customers is something which is quite confusing, given every different vendor uses different metrics. What is the UNIX command to show HTTP request per second, and is there some documentation on how to use this figure to size a deployment.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...