Vendor Eval Sheet (4 of 30)

When doing a vendor evaluation it is never fun process, especially if it is a company you are working with the first time. First the vendor comes in with their sales guy, even though you specifically asked to have a technical resource to come instead, they insist they want to “get a feel” for you are looking for. You get the nice brochure, you have that waste of a meeting, and if you are like me, you partially torture the guy, in mostly good fun. Then they bring their “expert” who is still unable able to answer your questions you are asking. Now finally after 2 face to face meetings, you have a 3rd with someone on the phone who has most of your answers, with the normal normal dose of kool-aid.

After all that, it is not a few week’s or months later, you want to be sure you don’t waste your time evaluating products that don’t suit your needs. So over the years, I have come across this list of evaluation criteria, that was mostly not been put together by me, but I have been using as a template. This will cross between routers, switches and firewalls, so it is more a jack of all trades list, then an all inclusive list.

If you have anything to add, please leave it in the comments.

Vendor Eval Sheet
Feature Set Feature
FW Core Services
Zone Based policies
Intra-Zone policies
Object Oriented policies
Time Based Policies
Intrustion detection
Anti Virus
Anti Spam
Content Filtering
Web Content Filtering
Web Content Filtering – Local DB
Deep Packet Inspection
Application Identificaion
Application Profiling
Caching
Virtual Server Firewalling
Attack Detection/reporting
NAT/PAT
Virtual Firewall's
Unified Access Control
Group Based policies
User Based Policies
performance
Chipset
L2 – High Availibility
L3 – High Availabity
High Availibility – MLAG
Store & Forward vs Cut Through
NUMBER of transactions persecond
Amount of Bandwidth
Express forwarding
Latency Impact
latenecy impact with all services turned on
Maximum transmission unit (MTU)
Jumbo frames support
Forwarding Rate default
Forwarding Rate 64byte 512byte 1500byte Jumbo frames
L3 QoS physical queues
L2 QoS physical queues
QoS Buffers
Queue depth size for priority queue
Queue depth per port
Queueing models support
Describe physical ports to backplane architecture
Describe physical ports to other physical ports architecture
Packet Shapers
SRR-Queue
QoS – Marking/Classification – TOS
QoS – Marking/Classification – DSCP
QoS – Priority-Queuing
QoS – Policing
QoS Bypass
Number of 40Gb interfaces
Number of 10Gb interfaces
Number of 10/100/1000Mb interfaces
management
CLI
Dedicated Management Interface
Console Access
Remote CLI Access
API
Web management
Central Management
USB Console
Netflow ~= SFLOW
Logging
Syslog
AAA
RADIUS
SNMP/MIB2
TACACS
SSHv2
Privilege Level Access
L3 Support
Virtual Routers?
IGMP groups and multicast routes
Total unicast routes
Directly connected hosts
TCAM
Security access control entries
QoS access control entries
PBR access control entries
Default Route/Static Route
BGP – Weight
BGP – AS-Filter
BGP – Community (New Format)
BGP – Prefix-list
Route-Map ~= Route Import/Export
OSPF
EIGRP
RIP
IS-IS
MPLS
Multicast
IPv6
L2 Support
VXLAN
Ethernet Autonegotiation – 10/100/1000Mb
POE support
Etherchannel ~= Aggregate Interface
Etherchannel Hashing Mechanism
Helper Address
LLDP/CDP
802.1x
dot1.q Trunking
Native VLAN
Total VLAN can define/support
VTP Domain Name ~= MSTP
VTP Server/Client/Transparent ~= MSTP
Private VLAN
Maximum number of VLANs
Maximum # VLAN IDs
Switched virtual interfaces (SVIs)
Physical Requirments
Connectors and Cabling
Power Connectors
Per-port status LEDs
System-status LEDs
Dimensions (inches)
Operating temperature
Operating relative humidity
Acoustic Noise (range)
Mean Time Between Failure (MTBF)
Measured 100% Throughput Power Consumption
(with Maximum PoE Loads)
AC Input Voltage and Current
Service and Support
Redundant power supply
Power Locking Mechanism
Air Flow
Flash memory
Cost
License Fee
Device Cost
Added Services Cost
Central Management Cost
Maintenance/Support Cost
Additional Protocol Support
NTP
SPAN/RSPAN
DHCP Server
DHCP Relay
DNS/Domain-Lookup
Banner
STP Portfast
STP Portfast Trunking
Portfast BPUDGuard
LoopGuard/RootGuard
Bridge Assurance
QinQ
Rapid STP
PVST
Sniffer =~ tcpdump
MST

 

Leave a Comment


NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>