2.2.33. (Reference) Performance measurement result of Managed FW / UTM¶
The values resulted from Managed FW/UTM performance measurement executed by NTT Communications are as follows.
The maximum value for each measurement item was measured. That is, simultaneous measurements of the maximum values of all performance items were not conducted.
As for configuration, a redundant configuration was employed.
The Log setting of the firewall rule is set to ALL and set Log Sending Settings to a Customer Managed Syslog Server. .
This performance measurement result is the result of the region where the virtual network maintenance is completed. For completed regions, please refer to Virtual network maintenance .
The verification result here is to be used just for reference. Please note that assurance of the performance is not intended with the result.
2.2.33.1. Managed FW/UTM¶
2.2.33.1.1. Non-encryption communication test¶
Configuration diagram
Measurement result
Measurement item |
Measurement condition |
Measurement result |
|
| 2CPU-4GB | 8CPU-12GB | ||
L4 UDP throughput (* 1) |
Protocol : UDP
Data Size: 1,522 bytes
NAT: Yes
Number of ACL: 100
|
1.2 Gbps | 1.8 Gbps |
L4 UDP Latency |
Protocol : UDP
Data Size: 1,522 bytes
NAT: Yes
Number of ACL: 100
|
1.1 ms | 1.4 ms |
Number of simultaneous TCP connections in terms of L4 |
Protocol: HTTP
Number of new connections: 500 cps
Multiplicity: Tenfold
Data Size: 64 bytes
NAT: Yes
Number of ACL: 100
|
200,000 connections |
200,000 connections |
Number of new TCP connections in terms of L4(* 2) |
Protocol: HTTP
Number of new connections: 3000 cps
Multiplicity: Tenfold
Data Size: 64 bytes
NAT: Yes
Number of ACL: 100
|
5,000 cps | 5,000 cps |
Note
(* 1) Total value of 3 line.
(* 2) There is a possibility that it will be the session limit when using a system that requires many sessions. As an example, Microsoft Office 365 will use approximately 50 sessions per ID.
2.2.33.1.2. Encryption communication test¶
Configuration diagram
Measurement result
Measurement item |
Measurement condition |
Measurement result |
|
| 2CPU-4GB | 8CPU-12GB | ||
IPsec Throughput |
1 site
Protocol: IKEv1 / ESP
Proposal: aes256-sha512
DH: 21
NAT: Yes
Number of ACL: 100
|
0.3 Gbps | 0.35 Gbps |
15 sites
Protocol: IKEv1 / ESP
Proposal: aes256-sha512
DH: 21
NAT: Yes
Number of ACL: 100
|
0.3 Gbps | 0.35 Gbps |
2.2.33.2. Managed UTM¶
The following result is the result of enabling UTM function (IPS, anti-virus, WebFilter).
Measurement result
Measurement item |
Measurement condition |
Measurement result |
|
| 2CPU-4GB | 8CPU-12GB | ||
Number of new TCP connections in terms of L4(* 3) |
Protocol: HTTP
Number of new connections: 200 cps (2CPU-4GB)
Number of new connections: 500 cps (8CPU-12GB)
Multiplicity: double
Data Size: 64 bytes
NAT: Yes
Number of ACL: 100
|
30,000 connections |
80,000 connections |
Number of new TCP connections in terms of L4 |
Protocol: HTTP
Number of new connections: 200 cps (2CPU-4GB)
Number of new connections: 450 cps (8CPU-12GB)
Multiplicity: Tenfold
Data Size: 64 bytes
NAT: Yes
Number of ACL: 100
|
2,000 cps | 4,500 cps |
L7 Throughput |
Protocol: HTTP
Number of new connections: 200 cps (2CPU-4GB)
Number of new connections: 400 cps (8CPU-12GB)
Multiplicity: double
Data Size: 64 kbyte
NAT: Yes
Number of ACL: 100
|
200 Mbps | 400 Mbps |
Note
(* 3) There is a possibility that it will be the session limit when using a system that requires many sessions. As an example, Microsoft Office 365 will use approximately 50 sessions per ID.