[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: How many spd recrds ?
At 5:21 PM +0430 9/20/01, mahdavi wrote:
>Hi Derek.
>I did not asked about theorical maximum.
>I just said "Typicaly how many SPD records are reqired ?".
>
>In Other sentence I said "I want to have an estimation of maximum SPD
>records that an administrator may defines".
>
>It is funny to think an administrator may define 2^32 firewall rules; and I
>know that.
>
>I mean regularly ( in average , typically , ... ) how many SPD record may
>an administrator define.
>
>Best regards
>mahdavi.
>
there is no simple answer to the question you asked. The number of
SPD entries is a function of the local access control policy and the
breadth of connectivity. A company using IPsec for an intranet VPN
might have very different SPD sizes from a company using IPsec to
support lots of dialup road warriors or telecommuters. In many
instances your question is very analogous to asking what is the
typicaly number of filter rules in a firewall. I think you will find
significant variation in the answer to that question as well.
Steve
References: