Hi All!
Can someone give me some guide´lines as to what is an "acceptable" number/percentage of firewall drops? For example, we have one firewall with over 2 million packets a day. On a bad day we see less than 50 drops, spread across serveral machines. Sometimes there are several drops between maschine with given destination port. Usually, there are just single drops between machines.
My boss insists that we should get the drops down to zero. Every drop has a cause and we just need to find the cause. Although I agree that there is a cause and theoretically one could be able to find it. However, there are any number of things that could cause a drop. It could be something as mundane as a cable that wiggle each time someone walks past the server and one time in ten causes a drop between random machines. To me tracking down something like that is ludicrous.
Any input appreciated.
Can someone give me some guide´lines as to what is an "acceptable" number/percentage of firewall drops? For example, we have one firewall with over 2 million packets a day. On a bad day we see less than 50 drops, spread across serveral machines. Sometimes there are several drops between maschine with given destination port. Usually, there are just single drops between machines.
My boss insists that we should get the drops down to zero. Every drop has a cause and we just need to find the cause. Although I agree that there is a cause and theoretically one could be able to find it. However, there are any number of things that could cause a drop. It could be something as mundane as a cable that wiggle each time someone walks past the server and one time in ten causes a drop between random machines. To me tracking down something like that is ludicrous.
Any input appreciated.