Firewall vs Connection speed

Discussion in 'other firewalls' started by Jeremy2, Jul 23, 2005.

Thread Status:
Not open for further replies.
  1. Jeremy2

    Jeremy2 Registered Member

    Joined:
    Aug 17, 2004
    Posts:
    72
    Hi,

    Is there any comparative study of firewall versus internet connection speed.
    Or maybe some users, can comment on their experience.

    Thanks
     
  2. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    i personally havent noticed any slowdown in my internet connection when using a firewall. ur computer, what firewall u use and how u configure it, and other programs u have installed (especially proxies) can all affect ur internet speed.
     
  3. halcyon

    halcyon Registered Member

    Joined:
    May 14, 2003
    Posts:
    373
    Kerio 2.x and 4.x series: slow down 100Mbit/s - 1000Mbit/s ETHERNET connection speeds (even down to half of practical maximum on 100Mbit/s on a slower computer).

    Outpost Pro 2.x - slow down with multiple fast connections (p2p or super heavy surfing with multiple simultaneus tabs and tweaked http settings), unless you use the experimental/tweaked Outpost kernel versions.

    Look'n'Stop - no serious bandwidth limiting that I've noticed myself in my testing, although I haven't tested this with a slower CPU.

    Other than those, I have not tested.
     
  4. Jeremy2

    Jeremy2 Registered Member

    Joined:
    Aug 17, 2004
    Posts:
    72
    Thanks halcyon for your feedback.
    I also did notice for outpost, the slow down with simultanous tabs openned, with tweaked http tweaking, I'm using Firefox.

    Also, what do you mean by the experimental tweaked outpost kernel version, and where can we download it?
     
  5. halcyon

    halcyon Registered Member

    Joined:
    May 14, 2003
    Posts:
    373
    Look in the agnitum.com Outpost user support forum. Several modifications are available there. Use at your own risk.
     
  6. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    My experience.

    Hardware or age of machine. Correct drivers for age of machine and so on are much more critical to connection speeds. Of course incorrect settings, wrong choices of firewall question popups will of course always effect speed and easy of internet use. There is a trade off but it has been slight to none.

    Some, they confuse connection speeds with screen loads and lots of things that can vary with what I said above. Without "meters" it is hard to tell.

    The performance minded love to tinker. :D :D

    Sorry, I don't think this really helps or answers your question. But it has been my experience. ;)
     
  7. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    The only firewall that I have used that seemed to slow down start up or connection speed is Zonealarm. But it wasn't enough to quit useing it at the time. I most always use Kerio 2.1.5 and really can't tell it's there resource or connection wise.
     
  8. ghost16825

    ghost16825 Registered Member

    Joined:
    Feb 1, 2005
    Posts:
    84

    Three things are likely to be the main contributors (some dependent on each other):

    1. Commonality of the traffic and/or rate of new connections created.
    2. Number of rules in the ruleset
    3. Type of internal table mechanism

    For point number one, some firewalls may slow down for a number of packets with varied packet fields. Also, often the time to add one connection to the firewall table takes the longest amount of time. Searching the table is usually much quicker. As a conquence, P2P apps often result in quite a slowdown when a firewall is used.

    For point number 2, depending on point number 3 a large number of rules may result in a somewhat noticeable slowdown. For Kerio 2x, from my experience, the internal searching mechanism seems to be top-down-linear, just like the interface seems to suggest. Hence, how the rule is matched and how far up the table a rule is are both important factors. It would seem theoretically that with other firewalls like Jetico, rule order makes little difference, since the engine seems to be 'cross-database' based. So, all operations (adding to the table, searching) might be done in constant time.

    Lastly, cpu usage may also be a factor if multiple applications are running.
     
  9. halcyon

    halcyon Registered Member

    Joined:
    May 14, 2003
    Posts:
    373
    I can say with a high degree of certanity that on my comp (A64/2.6Ghz, 2GB, fast SATA II, XP Pro, optimized, Full rate ADSL, Firefox tweaked with a stopwatch) the slowdowns are not related to the machine itself, but to the software taking way too much processing time.

    Of course, if we all had 100Ghz photonics quantum computers, this would all be moot with the current software, but we live in reality.

    Hence, with a computer that is one step down from the fastest possible desktop system you can buy, slowdowns are easily apparent on some software firewalls either on local ethernet or even with multiple simultaneous http connections.

    Whether one is bothered by it, is a completely different matter altogether.

    Speed is sometimes the thing one has to take a hit on for improved security.
     
  10. sweater

    sweater Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    1,674
    Location:
    Philippines, the Political Dynasty Capital of the
    The very first firewall I used is ZoneAlarm 5.5 and it really have a slow start up and shut down and also my connection speed is slow. When I switched to Kerio 4.1.3 I was surprised, my internet speed increased dramatically and it is very smooth in my system but it is very hard to configure so I look for another firewall. And now I have NetVeda safety.net 3.61 and works fine and light like the Kerio. With Netveda my speed is very good and the best part is that it is easy to configure.

    I am only using a dial-up connection... and for new firewall users and slow connections I think NetVeda is the best. :cool:

    I use Firefox browser w/ Firetune and also a Morpheus Internet Accelerator... I think it also helps in improving the speed of my connections. ;)
     
    Last edited: Jul 30, 2005
Loading...
Thread Status:
Not open for further replies.