[prev in list] [next in list] [prev in thread] [next in thread]
List: ipsec
Subject: Re: How many spd recrds ?
From: Stephen Kent <kent () bbn ! com>
Date: 2001-09-20 15:49:26
[Download RAW message or body]
At 5:21 PM +0430 9/20/01, mahdavi wrote:
>Hi Derek.
>I did not asked about theorical maximum.
>I just said "Typicaly how many SPD records are reqired ?".
>
>In Other sentence I said "I want to have an estimation of maximum SPD
>records that an administrator may defines".
>
>It is funny to think an administrator may define 2^32 firewall rules; and I
>know that.
>
>I mean regularly ( in average , typically , ... ) how many SPD record may
>an administrator define.
>
>Best regards
>mahdavi.
>
there is no simple answer to the question you asked. The number of
SPD entries is a function of the local access control policy and the
breadth of connectivity. A company using IPsec for an intranet VPN
might have very different SPD sizes from a company using IPsec to
support lots of dialup road warriors or telecommuters. In many
instances your question is very analogous to asking what is the
typicaly number of filter rules in a firewall. I think you will find
significant variation in the answer to that question as well.
Steve
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic