Policy complexity considerations

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Policy complexity considerations

L1 Bithead

When creating policies, especially Security and QoS, how much consideration do I have to give to the number of policies?

If we want to get very granular with these policies, will we pay any significant penalty in performance (either in device administration or performance)?

(Specifically we have PA2050 that will route through 220Mbps max to internet--I have about 15 Security and about 10 QoS rules, would like to add more)

Is it better to group objects and minimize policy complexity, or (from a performance perspective) do I even need to worry about it?

Thank you

Simon.

1 REPLY 1

L3 Networker

Euh - you have 15 security policies on a 2050 and you are worrying about performance impact ?

Funny 😉

I wouldn't worry too much about performance , even with 1000+ policies.

Maybe managability and visibilty becomes an issue then , allthough by using (multiple) tags , you can even keep a +1000 policy understandable....

  • 1808 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!