Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 39 subscribers
  • Views 12708 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG - Maximum Rules limit

lferrara

Hi all,


it is a strange question, but does someone know what is the maximum number of rules the XG supports?

I am talking about Security Policies.

I asked the same question on UTM forum for UTM and I would like to know the same for XG. 

https://community.sophos.com/products/unified-threat-management/f/54/t/73574

I need to compete with other big Firewall installation where 10000 rules can break easily. Apart HW limitation, what about the SW?

Thanks.

Luk



This thread was automatically locked due to age.
Parents
  • 0
    Hi Luk,
    no definite answer. I suspect it is a CPU and memory limitation eg 64gb ram and a hex or more (real) core many ghz cpu and you could go for 1000s.

    Ian,

    home UTM 9.x running in ESXi 6 e3-1275v2

    AP55c and AP10 (courtesy Astaro)

    Three other UTMs, SUM and SFM in hibernation

    XG 15.x MR3 in hibernation

Reply
  • 0
    Hi Luk,
    no definite answer. I suspect it is a CPU and memory limitation eg 64gb ram and a hex or more (real) core many ghz cpu and you could go for 1000s.

    Ian,

    home UTM 9.x running in ESXi 6 e3-1275v2

    AP55c and AP10 (courtesy Astaro)

    Three other UTMs, SUM and SFM in hibernation

    XG 15.x MR3 in hibernation

Children
  • 0 in reply to IanMorehouse
    XG and UTM are using iptables so there should be some limit. Anyway I would like to know from Sophos if there are any limit and how the rules impact on performance. We know from datasheet that IPS impact for some % if all rules are enabled, how many recommended AP we can install for each SG/XG and so on.
    Hope to get this info from someone here otherwise I will contact Sophos directly and give back this sort of info here.
    Thanks.

    Luk
Unfiltered HTML