This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Device that can handle 1Gbps?

Hello all,

I hope this is the right category to post in. I'm looking for feedback on what device Sophos may have or the community may recommend, that can handle 1GBps fiber data at a remote location (offsite recovery node) and is easy to integrate. After setting up our node locally for backups, I'm moving it offsite to a data center. As it will be handling backups hourly for multiple VMs speed is going to be a factor. 

We have an SG210 here and several RED15 devices (at our other remote offices), but, looking at the RED50 it seems to only support 360Mbps tops.

I've thought about getting a small router that can create an IPSEC tunnel back and provide a firewall.

Any suggestions are better than no suggestions! :)



This thread was automatically locked due to age.
Parents
  • 1Gbps is very fast. Especially if you want that in IPSec. Shortly ago I read of a Cisco Firepower 1120 vs Draytek Vigor3910. (Hope it is ok to name other brands, if not someone has to obfuscate that or remove that post) Maybe Sophos has something in that range too? But I hope your budget isn’t small, because a small router won’t do that speed.

    Best regards 

    Alex 

    -

  • Hey Alex. I have a feeling we may have to go with the RED50. I know that any router will take a kit in the overhead of IP SEC and that 1Gbps is a "max". I have 1Gbps home service and get around 80MB/s sustained (not VPN'd and off of STEAM cdn servers) on my consumer routers (with modded firmware). Mind you I also chose a pair of routers that I know had the top WAN->LAN speeds in their class.I believe that with IPsec or an OpenVPN service this would more than likely go down to 40 or 50MBps tops.

    IF the RED50 can sustain the 360Mbps it lists as max throughput than it shouldn't be too far off what other solutions can offer.

    Is there any reason you can think of that the RED50 wouldn't even work in this scenario? We have another solution we're retiring at another center that uses a Juniper FW presently, but we really really really don't want to use it.

Reply
  • Hey Alex. I have a feeling we may have to go with the RED50. I know that any router will take a kit in the overhead of IP SEC and that 1Gbps is a "max". I have 1Gbps home service and get around 80MB/s sustained (not VPN'd and off of STEAM cdn servers) on my consumer routers (with modded firmware). Mind you I also chose a pair of routers that I know had the top WAN->LAN speeds in their class.I believe that with IPsec or an OpenVPN service this would more than likely go down to 40 or 50MBps tops.

    IF the RED50 can sustain the 360Mbps it lists as max throughput than it shouldn't be too far off what other solutions can offer.

    Is there any reason you can think of that the RED50 wouldn't even work in this scenario? We have another solution we're retiring at another center that uses a Juniper FW presently, but we really really really don't want to use it.

Children
  • Hi Dave,

    I'm just a customer, so I have to say sorry, but can't answer that. Simply because I've no personal experience with such high speed connections. I hope that someone with experience in such speeds in real life not on a paper here can answer that.
    Wish you the best for that project and I am a little curious if someone here has an answer for you.

    Best regards

    Alex

    -

  • Dave, I don't think the 210 can handle 1Gbps for a single connection, regardless of the RED or other device.  You will need IPS tuning and even then, I'm not sure you'd to be able to get 400Mbps for a single connection.  I would urge you to engage with your Sophos reseller to get Sophos' input on your situation.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA