11-08-2010 12:19 AM
I have a small clarifications regarding ISG; Can we implement 2 x NS-ISG-SEC per ISG 2000 chassis to reach 1.5Gbps of throughput? If yes, do we need two to obtain 2 x NS-ISG-2000-IKT upgrade kit as well?
11-11-2010 01:36 PM
I believe on the ISG2000 you can put up to 3 of the NS-ISG-SEC modules in, and yes you would need the upgrade kits as well to cover the memory requirments. The ISG2000's are rated at 4Gbps on the backplane. Is your question relating throughput regarding IDP or just in general?
11-11-2010 02:09 PM
if i remember right :
you need 1x the NS-ISG-2000-IKT (with includes 2GB RAM of memory and a License of 5 Netscreen Security Users)
with 2 security modules you can go up to 1Gb and with 3 (maximum) you can go up to 2gb performance.
11-12-2010 08:57 AM
Hi, if you use two out of the three IDP slots, make sure to take the advice on which of the three slots to use. It is clearly marked in the documentation.
Only one kit per chassis, with 1-3 modules per chassis.
In a HA pair, equal numbers of cards are required.
11-12-2010 01:46 PM
if you are going with active / passive configuration (recommended)
or active/active (personally i would stay away from this configuration , as this causes only problems even on checkpoint ) , and even as i can remember not recommended from jtac you should have to meet this requiremends :
p.s personally i i`m verry happy with our idp2000 A/P Cluster with 2 Security Modules.
The Device(s) works as aspected.
11-30-2011 06:47 PM - edited 11-30-2011 06:50 PM
Can ISG work without NS-ISG-SEC?
If IDP is not needed, do we actually need NS-ISG-SEC?
Pls share your thought
12-01-2011 02:32 PM
Yes, the NS-ISG-SEC modules are optional.
If you do not wish to use IDP functions on the ISG-2000, you do not need any NS-ISG-SEC modules. The ISG-2000 will still function perfreclty fine as a L4 firewall/VPN device.
12-06-2011 01:28 AM