VM-Series on Amazon Web Services Performance and Capacity
Many factors, such as AWS instance size,
maximum packets per second supported, number of cores used, and
AWS placement group, can affect performance.
We recommend additional testing within your environment
to ensure that you meet your performance and capacity requirements.
For a complete listing of all VM-Series features and capacities,
see compare VM-Series firewalls.
The performance and capacities listed in the following table have
been generated under these test conditions:
Firewall throughput is measured with App-ID™ technology
features enabled utilizing 64 KB HTTP 1.1 transactions.
IPsec VPN is measured with App-ID™ enabled and performance
is tested between a pair of VM-Series firewall instances in a placement
group deployed within the same availability zone and region and
with 12 tunnels with a single IKE gateway. The performance will
vary based on AWS instance type and connectivity topology (for example,
connecting from on-premises hardware to VM-Series on AWS, or from
VM-Series in an AWS VPC to an AWS VGW in another VPC, or VM-Series
to VM-Series across regions).
Threat Prevention throughput is measured with App-ID, User-ID,
IPS, antivirus, and anti-spyware features enabled, utilizing 64
KB HTTP 1.1 transactions.
Tested on instances with AWS Nitro Hypervisor and SR-IOV
and DPDK are enabled.
