Monday, December 20, 2021
[bmwg] AD Review of draft-ietf-bmwg-ngfw-performance
https://datatracker. … g-ngfw-performance
My recent review of the latest IETF NGFW performance testing Draft for RFC:
I think these guys are way off base with no grasp of reality. If you just want a raw
number of what a firewall can do without any real world issues, then MAYBE it’ll work
although I would argue that point…
=========================================================
Tim copley
Dec 16, 2021, 1:59 PM (4 days ago)
to Warren, draft-ietf-bmwg-ngfw-performance, bmwg
I also, wanted to chime in regarding this and again, I also apologize for not reviewing earlier.
I’ve not really been too involved in security devices until the last couple years, but boy has it changed
drastically from when I was. Also, I noted that this document is basically following prior standards that
are also a bit out dated.
Some of the evolution, I’ve noticed which I think should at least be addressed in. I think you tried
to exclude these in the Scope.? However I’m not really sure you are covering but maybe 1/2 of the devices
that are being deployed at this time without addressing:
Virtualization. / Remote FWs in the next gen.
*) Large FWs are compartmentalizing Customers and serving multiple customers with the same firewall. So while
you have said what would happen to a customer when The Firewall is UT, you don’t really address what’s going
on with all the other customers on this DUT. If there are 10 Customers going through 1 large FW, what are the
other 9 experiencing when this is under Test. Would be interesting to have multiple parallel tests underway
and verify that behaviour is consistent across every “VDOM” within the system?
*) Time to Change. If things are changed during your Load profile.perhaps even on a different virtual Firewall
within the system,
*) Sandbox dips. Several of the firewall vendors send stuff through labs / temp work spaces either online or
offline that allow them to test against Zero Day scenarios. What happens to traffic flows during anomalies
in the traffic flows. Does it change the throughput of the DUT? I know this is kind of an open ended question.
but not sure you have good benchmark stats for a FW without it…
*) Cloud based scenarios. If the firewall is removed, and I’m not really sure how you would test this with
consistent results, but if the FW is offsite and the traffic is being routed through a Cloud based FW What does
that do to your traffic results?
TimC
Fruth Group
tcopley@fruthgroup.com
======================================================================
–
Timothy Copley
602.350.0633
Wednesday, September 8, 2021
E-mail Maint
Where is all my mail going for each account? PITA….
root@azcopley:/home# cat forward.sh #!/bin/bash ECHO="/usr/bin/echo" FILES="/home/*" for ENTRY in $FILES do $ECHO "ACCOUNT: " $ENTRY cat $ENTRY/.forward $ECHO "-----------------------------------------" done $ECHO "--------------------DONE------------------"
TO Here:
:/home# ./forward.sh ----------------------------------------- ACCOUNT: /home/acp timc@azcopley.com jeannie@azcopley.com ----------------------------------------- ACCOUNT: /home/ccp timc@azcopley.com jeannie@azcopley.com ----------------------------------------- ACCOUNT: /home/copleyproperties timc@azcopley.com jeannie@azcopley.com ----------------------------------------- ACCOUNT: /home/crac timc@azcopley.com jeannie@azcopley.com ----------------------------------------- ACCOUNT: /home/jeannie jeanniecopley@gmail.com ----------------------------------------- ACCOUNT: /home/jojoba timc@azcopley.com jeannie@azcopley.com ----------------------------------------- ACCOUNT: /home/mcp timc@azcopley.com jeannie@azcopley.com ----------------------------------------- ACCOUNT: /home/pcp timc@azcopley.com jeannie@azcopley.com ----------------------------------------- ACCOUNT: /home/tcp timc@azcopley.com jeannie@azcopley.com ----------------------------------------- ACCOUNT: /home/tim timc@azcopley.com ----------------------------------------- ACCOUNT: /home/timc ----------------------------------------- ACCOUNT: /home/timcopley timc@azcopley.com ----------------------------------------- ACCOUNT: /home/tuv timc@azcopley.com jeannie@azcopley.com ----------------------------------------- --------------------DONE------------------ home#
Tuesday, June 8, 2021
XCH - Chia Coin hit 23.065 ExaBytes this morning
Tue 08 Jun 2021 03:41:02 PM UTC ------------------------------------------------------------------ -- chia farm summary -- ------------------------------------------------------------------ Farming status: Farming Total chia farmed: 0.0 User transaction fees: 0.0 Block rewards: 0.0 Last height farmed: 0 Plot count: 412 Total size of plots: 40.782 TiB Estimated network space: 20486.711 PiB Expected time to win: 3 months and 2 weeks
I’m at 412 plots or 40.782 TBytes. That’s a lot of storage to be using for something
that’s not really doing anything or making anything. But, I’ll continue on for another
couple months. I’m using about 1.8TB of storage a day for Chia… I’ll run out of
spare space in another month or so..
Anyway, here is my idea. There is a MASSIVE amount of storage being reserved for
chia that’s basically Lottery Tickets. Wouldn’t it be cool if all that storage was
actually being used for something? Say, GENOME Research? Heya Bram Cohen !!!
You are the one who setup bit torrent, I know it’d be pretty easy to have data shared
across multiple computers and without to much impact on the computers doing the
storage you could store stuff inside of all those files. Distribute 1 PB across 10,000
files and do block assembly at the head end. Heck even store them on 10 computers
for faster read or 100. Nobody wants to take them down for sake of potentially loosing
out on the Lottery… So a file could be recreated pretty easily.
Or calculating PI to some insane number…. Or something scientific. I could think of
a few math problems that would be intersting.
Or Perhaps that’s already the plan?
23PB That’s larger than all the data storage companies put together. It’s such a big
number it’s hard to imagine Only things I could come up with only look at what an
actual PB is, not X23….
Tuesday, August 25, 2020
Flight Aware
I started running Fligtaware from my home the other day 8/1/20
With a (5 / 7) DBi Antenna
Flightaware Opens in a new Window
and then again on 8/15/20 with another antenna (9 / 10 / 12 DBi)
Flightaware 2
Opens in a new window
The 5/7 is on the roof. The 9/10/12 DBi is in my office.
Going to be putting the larger antenna up on the roof in the near future.