Firewalls today are able to filter at line rate for a single flow on an interfac... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		readams on May 29, 2015 \| parent \| context \| favorite \| on: Why firewalls won’t matter in a few years Firewalls today are able to filter at line rate for a single flow on an interface. If you want to allow 100G by handing 10 10G flows in parallel this is completely possible, but not quite the same thing.

EtherealMind on May 31, 2015 [–]

Delivering this function is very costly, because of stateful inspection you must implement flow sticking which require buffering which then impacts performance

..... and so on and so on.

no, doesn't work.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact