I would be concerned. You should already have the numbers, really:
1. What is your vendor's max processing throughput? Halve it. They almost certainly use bonded interfaces, and you should at least account for a NIC failure.
2. How many interfaces do you have on your filer? What type of bandwidth are they actually pushing? (ifstat, mrtg, kricket, netflow, etc.). Bump it up by 50%, to account for traffic spikes, unless you do really good trending and are confident in your numbers.
Does #2 - #1 have a remainder? Then you're OK. If not, then you're not.
3. Does your IDS support jumbo frames? Are you using them with your filer? (you probably should be).
If it doesn't, I would say it's a no-go.
hth, Nick
Tom Yates wrote:
I have a bunch of filers that we use from various hosts for CIFS, NFS and iSCSI. Powers That Be are planning to put both a firewall and an adaptive IDS between my filers and my hosts.
Does anyone have any rough and ready (or indeed, shiny and precise) numbers about what sort of performance impact this can have, recommendations for how to do it properly, or indeed solid data suggesting not to do it at all? Any experience with this?