<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 14 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:"Segoe UI Symbol";
panose-1:2 11 5 2 4 2 4 2 2 3;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0cm;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:36.0pt;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
p.msolistparagraphcxspfirst, li.msolistparagraphcxspfirst, div.msolistparagraphcxspfirst
{mso-style-name:msolistparagraphcxspfirst;
margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:36.0pt;
margin-bottom:.0001pt;
line-height:115%;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
p.msolistparagraphcxspmiddle, li.msolistparagraphcxspmiddle, div.msolistparagraphcxspmiddle
{mso-style-name:msolistparagraphcxspmiddle;
margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:36.0pt;
margin-bottom:.0001pt;
line-height:115%;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
p.msolistparagraphcxsplast, li.msolistparagraphcxsplast, div.msolistparagraphcxsplast
{mso-style-name:msolistparagraphcxsplast;
margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:36.0pt;
margin-bottom:.0001pt;
line-height:115%;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
p.msochpdefault, li.msochpdefault, div.msochpdefault
{mso-style-name:msochpdefault;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:10.0pt;
font-family:"Times New Roman","serif";}
span.emailstyle21
{mso-style-name:emailstyle21;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle23
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Tahoma","sans-serif";}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-AU link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>One of our guys setup a varnish box with some cool firewalling scripts on a vm. He had it doing all sorts of cool stuff like looking up black lists and block tor proxies. And as a bonus it makes the web sites load faster. You can cluster them and redirect the sites to the correct back end server. probably doesn’t get 100% but when we started pushing sites through the varnish box it turned up some “interesting” traffic. <o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><div><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Thank you<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Andrew Paternoster<o:p></o:p></span></p></div><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal><b><span lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> AusNOG [mailto:ausnog-bounces@lists.ausnog.net] <b>On Behalf Of </b>Ed Hallett<br><b>Sent:</b> Tuesday, 6 August 2013 10:47 AM<br><b>To:</b> ausnog@lists.ausnog.net; Michael Gehrmann<br><b>Subject:</b> Re: [AusNOG] Application Firewall Recommendations<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'>it specifically needs to be application based since the servers are all virtualized tenants.<o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'>Yes, nested hypervisors would be nice, but we’re not there yet </span><span style='font-family:"Segoe UI Symbol","sans-serif"'>😉</span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'> <o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'> <o:p></o:p></span></p></div><div style='border:none;border-top:solid #E5E5E5 1.0pt;padding:4.0pt 0cm 0cm 0cm'><div><p class=MsoNormal><b><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";letter-spacing:.25pt'>From:</span></b><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";letter-spacing:.25pt'> Michael Gehrmann<br><b>Sent:</b> Tuesday, August 6, 2013 10:32 AM<br><b>To:</b> <a href="mailto:ausnog@lists.ausnog.net">ausnog@lists.ausnog.net</a></span><span style='font-family:"Calibri","sans-serif"'><o:p></o:p></span></p></div></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'> <o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Hi Ed,</span><o:p></o:p></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'> </span><o:p></o:p></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Are you after an application firewall or a host firewall? Most vendors have moved away from software installed on top of an OS to appliance style setups as they are easier to support.</span><o:p></o:p></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'> </span><o:p></o:p></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Regards</span><o:p></o:p></p><p class=MsoNormal style='margin-bottom:12.0pt'><span lang=EN style='font-size:8.5pt;font-family:"Arial","sans-serif";color:#1F497D'>Michael Gehrmann</span><o:p></o:p></p><div><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal><b><span lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> AusNOG [<a href="mailto:ausnog-bounces@lists.ausnog.net">mailto:ausnog-bounces@lists.ausnog.net</a>] <b>On Behalf Of </b>Ed Hallett<br><b>Sent:</b> Tuesday, 6 August 2013 10:12 AM<br><b>To:</b> <a href="mailto:ausnog@lists.ausnog.net">ausnog@lists.ausnog.net</a><br><b>Subject:</b> [AusNOG] Application Firewall Recommendations</span><o:p></o:p></p></div></div><p class=MsoNormal> <o:p></o:p></p><div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'>Hi people,</span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'> </span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'>Just a simple question, but with a not so simple answer.</span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'> </span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'>We manage considerable clients with ‘cloud’ based servers within Telstra’s utility hosting.</span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'>We used to use TMG as a firewall / gateway / security for clients who requested these features, but this is no longer possible.</span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'> </span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'>I need recommendations on application based (non VM) firewalls which can be installed on server 08 / 12 and capable of the same feature set as TMG. Not as easy to find now..</span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'> </span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'>So, I ask my esteemed peers for words of wisdom.</span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'>Well, words, anyway.</span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'> </span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'>Kind regards,</span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-family:"Calibri","sans-serif"'>Ed Hallett</span><o:p></o:p></p></div></div></div></div></div></body></html>