On 6-7-2010 18:01, Christian Jensen wrote:
> Thanks for the feedback. I do understand that it is pretty vague.
>
> If you have the machine directly on the net and all ports off, is the
> only reason to use a cisco to get the VPN or are there other benefits? I
> come from the M$ world where we used ISA server and I understand the
> positives there but also the downsides too.
The most important reason for me is control. If your server is compromized and you lose control (I actually had a windows server where I watched a hacker move my mouse around), how will you control the server or limit the business impact? It's nice to have a small appliance where you can control what's going in and out, even if your servers are compromized.
>
> With ISA server I got:
> * URL Routing
> * NAT
> * VPN
> * Logging
> * Load Balancing
> * SSL offloading
> and more. I know this forum is not designed specifically for talking
> about Cisco products but does anyone know what the best box for the best
> price to emulate the above features? Is it simply a matter of mixing in
> other Open Source projects and boxes?
We use cisco asa's for NAT, routing (ipv6) and VPN, and I use my balancers for the rest. The balancers run a combination of haproxy, varnish, squid, apache, whatever fits my requirements.
-- With kind regards, Angelo Höngens systems administrator MCSE on Windows 2003 MCSE on Windows 2000 MS Small Business Specialist ------------------------------------------ NetMatch tourism internet software solutions Ringbaan Oost 2b 5013 CA Tilburg +31 (0)13 5811088 +31 (0)13 5821239 A.Hongens#netmatch.nl www.netmatch.nl ------------------------------------------Received on 2010/07/06 20:20
This archive was generated by hypermail 2.2.0 : 2010/07/06 20:30 CEST