People,

I have seen a discussion about DDoS mitigation on this list. Someone referenced Juniper SRX equipment as good equipment to prevent DDoS attacks.

Like Juniper with the SRX, other players like Fortinet have some hardware-based (FortiGate) appliances that provide great throughput, DDoS mitigation, UTM features, etc. Ex.: the recent FortiGate 1240B.

My question about these products is related to a combination of performance parameters that I really do not understand. Let's use the Juniper SRX as an example.

The Juniper SRX has (from Juniper's web site):

Firewall performance (max): 1.5 Gbps
Maximum concurrent sessions: 64 K (512 MB DRAM) / 128 K (1 GB DRAM)
New sessions/second (sustained, TCP, 3-way): 9,000

Let's suppose that we have a client with 100 Mbps total full-duplex throughput on the SRX-240 interfaces. If this client has 6000 users ... how is it possible to combine:

1.5 Gbps (100 Mbps) x 128K sessions x 9000 new sessions/second

Supposing 5000 users x 100 sessions per user ... the box will not support it, right?

What is the correct way to calculate this with accuracy? Every player seems to have a way to calculate it. Every player said something about sessions.

What is the correct parameter about sessions?

How many sessions per second can a normal user (FTP, e-mail, HTTP, SSL, SSH, Telnet) generate?

Why is the number 9000 new sessions/second important?

How can I add to all of these 3 parameters ... the DDoS mitigation? How much performance will I consume under a DDoS attack? Is it possible to measure it?

Thanks a lot,

Giuliano