Problem solve Get help with specific problems with your technologies, process and projects.

How can I calculate perimeter firewall throughput?

Learn how to use a capture filter in Wireshark, to determine network throughput on a firewall by monitoring incoming packets and using a simple equation to find a baseline throughput, from our expert Michael Gregg.

What are the factors that need to be considered to calculate the required throughput of the perimeter firewall?

One thing to look at is the throughput. This can be determined with a packet sniffer like Wireshark. First, you will want to span a port on the switch that is connected to the firewall so that you can capture the same traffic the firewall is processing. Next, open Wireshark and start a capture. Set up a capture filter to look at only the firewall's MAC address. Let the capture run for as long as possible to get a good baseline. Once the capture finishes, place the relative time column next to the cumulative bytes column, and mark the first packet of data capture. Divide this by the number of seconds from the cumulative bytes at end of capture. This equation will calculate perimeter firewall throughput.

This was last published in October 2009

Dig Deeper on Network management and monitoring