Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
2678 Views 9 Replies Latest reply: Nov 4, 2013 12:02 AM by Odai zZ RSS
maherr Newcomer 20 posts since
Jun 27, 2011
Currently Being Moderated

Sep 29, 2012 3:18 AM

McAfee Web Gateway-the right model

Dears,

I have a problem in choosing the right McAfee Web Gateway Model.

I need a McAfee web gateway supporting up to 60,000 concurrent sessions and ability to support at least 200Mbps throughput.

Thanks

  • eelsasser McAfee SME 841 posts since
    Mar 24, 2010
    Currently Being Moderated
    1. Sep 29, 2012 12:40 PM (in response to maherr)
    Re: McAfee Web Gateway-the right model

    You can't really size by concurrent sessions. 1 user could have 4 or 200 concurrent sessions at any one time and the session could be less that 1 minute.

     

    You need to know things like:

    How many users?

    What kind of users?

    How will you deploy (Explicit, WCCP)?

    How many locations?

    How much redundancy? (N+1?)

    Do you want authentication?

    Do you want SSL scanning?

    How many requests/second will you have at sustained and peak times?

    Do you require Redundant Power or RAID?

     

    These are the kinds of questions you need to ask.

     

    It could be one WG5500 or 6 WG4500s. It all depends on your architecture.

  • eelsasser McAfee SME 841 posts since
    Mar 24, 2010
    Currently Being Moderated
    3. Oct 1, 2012 8:57 AM (in response to maherr)
    Re: McAfee Web Gateway-the right model

    All of you statistics indicate that the WG5500 would work for you.

    Except the last one.

     

    6,000 requests per second is unlikely to be achieved by only 6,000 users.

    We usually count 6,000 users as averaging only about 600 Requests per second. (10:1)

     

    In order to get 6,000 requests per second you would have to have 60,000 users.

    A typical user's browser behaviour could not achieve the numbers you claim.

     

    In our sizing calculator, we estimate number of req/sec like this:

    Capture.jpg

    And the total performance is caclulated like this:

    Capture2.jpg

  • trishoar Apprentice 61 posts since
    Jan 28, 2010
    Currently Being Moderated
    4. Oct 1, 2012 10:14 AM (in response to eelsasser)
    Re: McAfee Web Gateway-the right model

    To give some real world context for through put for vs users, we are licenced for ~40k users, hit a peak for 4100 RP/s today and had a maximum network throughput of ~1Gb/s.

     

    Tris

  • eelsasser McAfee SME 841 posts since
    Mar 24, 2010
    Currently Being Moderated
    5. Oct 1, 2012 10:47 AM (in response to trishoar)
    Re: McAfee Web Gateway-the right model

    Yes, that kind of traffic pattern is common.

     

    Customers have offered QA numerous logs throughout the years and analyzed the various workloads that are typical.

     

    When they profile actual number of users vs. number of users, they usually average about 10:1 for Users:Req/Sec.

    Of course, it could be more or less than that depending on your environment, but i would never expect that 6000 users could generate 6000 req/sec.

  • Odai zZ Apprentice 53 posts since
    Apr 22, 2013
    Currently Being Moderated
    7. Nov 2, 2013 6:06 AM (in response to eelsasser)
    Re: McAfee Web Gateway-the right model

    Hello eelsasser,

     

    what is the recommended appliance for the following info ?!

     

    250 concurrent users

    deployment: Explicit Proxy

    1 location

    no redundancy appliances

    with authentication (will be integrated with Active directory)

    SSL scanning will be used

    Anti-malware engin will be used


    Regards,
    Odai zZ
  • eelsasser McAfee SME 841 posts since
    Mar 24, 2010
    Currently Being Moderated
    8. Nov 2, 2013 12:06 PM (in response to Odai zZ)
    Re: McAfee Web Gateway-the right model

    If you want physical hardware, I would suggest the WG4500. It has a little more room for growth than the the WG4000 and it is not much more cost.

     

    For only a 250 user environment, have you considered doing this on a VMware host? I would think that a a VMguest with 4-8 CPU and 8Gig of RAM would be sufficient.

     

    Then, above that, I would use the WPS subscription SKU for 250 users which includes:

    Web Security (proxy, SSL, Antivirus, App Control, DLP, and every other feature the MWG has to offer)

    Gateway Antimalware,

    SaaS/Hybrid for roaming users (including MCP agent)

    ePO and Content Security Reporter

     

    Of course, Talk to your Sales Rep.

  • Odai zZ Apprentice 53 posts since
    Apr 22, 2013
    Currently Being Moderated
    9. Nov 4, 2013 12:02 AM (in response to eelsasser)
    Re: McAfee Web Gateway-the right model

    Thank you eelsasser


    Regards,
    Odai zZ

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points