I have a need to block 1 -> 2 million ips. This edge firewall will be blocking dos attackers, spammers from hitting our proxys, and mail/web servers. I also need to be able to reload the 1 -> 2 million blocked ips from time to time as they change. But this list is not changing continuously. Thoughts how to do this? What would you recommend for a hardware? The iptables set patch, what else? I need to come of with a plan so I can begin testing for deployment. Thanks, -Tim
