<div dir="ltr">For FOSS, it's hard to beat PFSense.<div><br></div><div>To weigh in from a commercial perspective, Fortinet's FortiGate VMs run on VMWare & Xen, and they recently added KVM and Hyper-V support as well.</div>
<div><br></div><div>They do everything the hardware can do but come with the warning: You're relying on the CPU in your virtual platform, when everything's going perfectly then everything works perfectly. If you come under any type of DoS you don't have shiny ASICs to eat that extra load for you.</div>
<div><br></div><div>my 2c.</div><div><br></div><div>David</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On 9 August 2013 12:27, Alex Samad - Yieldbroker <span dir="ltr"><<a href="mailto:Alex.Samad@yieldbroker.com" target="_blank">Alex.Samad@yieldbroker.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">





<div lang="EN-AU" link="#0563C1" vlink="#954F72">
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Hi<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">So what is the current industry thought on using VM firewalls. And to take that further what is the thought of using a plan OS for a firewall, thinking Linux
 or BSD.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Alex<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<div style="border:none;border-left:solid blue 1.5pt;padding:0cm 0cm 0cm 4.0pt">
<div>
<div style="border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US" style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span lang="EN-US" style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> AusNOG [mailto:<a href="mailto:ausnog-bounces@lists.ausnog.net" target="_blank">ausnog-bounces@lists.ausnog.net</a>]
<b>On Behalf Of </b>James Braunegg<br>
<b>Sent:</b> Thursday, 8 August 2013 9:49 PM<br>
<b>To:</b> Michael Andreas Schipp; Ed Hallett<br>
<b>Cc:</b> <a href="mailto:ausnog@lists.ausnog.net" target="_blank">ausnog@lists.ausnog.net</a><br>
<b>Subject:</b> Re: [AusNOG] Application Firewall Recommendations<u></u><u></u></span></p>
</div>
</div>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Dear Ed<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">A10 Networks have the SoftAX Virtual machine which you can run as a VM – Further WAF information on the A10 Solution can be found here –
<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><a href="http://www.a10networks.com/resources/files/A10-SB-Web_Application_Firewall_WAF.pdf" target="_blank">http://www.a10networks.com/resources/files/A10-SB-Web_Application_Firewall_WAF.pdf</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Also the new A10 Cloud offering coming soon, will provide WAF as SaaS<u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Both options I highly recommend<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Kindest Regards<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<div>
<p class="MsoNormal"><b><span lang="EN-US" style="font-size:11.0pt;font-family:"Verdana","sans-serif";color:#1f497d">James Braunegg<br>
</span></b><b><span lang="EN-US" style="font-size:8.0pt;font-family:"Verdana","sans-serif";color:#1f497d">P:</span></b><span lang="EN-US" style="font-size:8.0pt;font-family:"Verdana","sans-serif";color:#1f497d">  1300 769 972  | 
<b>M:</b>  0488 997 207 |  <b>D:</b>  (03) 9751 7616<u></u><u></u></span></p>
<p class="MsoNormal"><b><span lang="EN-US" style="font-size:8.0pt;font-family:"Verdana","sans-serif";color:#1f497d">E:</span></b><span lang="EN-US" style="font-size:8.0pt;font-family:"Verdana","sans-serif";color:#1f497d">  
</span><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><a href="mailto:james.braunegg@micron21.com" target="_blank"><span style="font-size:8.0pt;font-family:"Verdana","sans-serif";color:blue">james.braunegg@micron21.com</span></a></span><span lang="EN-US" style="font-size:8.0pt;font-family:"Verdana","sans-serif";color:#1f497d"> 
 |  <b>ABN:</b>  12 109 977 666   <br>
<b>W:</b>  <a href="http://www.micron21.com/tv-hosting" target="_blank"><span style="color:blue">www.micron21.com/tv-hosting</span></a>  <b>T:</b> @micron21<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:8.0pt;font-family:"Verdana","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:8.0pt;font-family:"Verdana","sans-serif";color:#1f497d"><br>
<img border="0" width="250" height="39" src="cid:image001.jpg@01CE94E7.797CA090" alt="Description: Description: Description: Description: M21.jpg"><br>
</span><span style="font-size:8.0pt;font-family:"Verdana","sans-serif";color:#1f497d">This message is intended for the addressee named above. It may contain privileged or confidential information. If you are not the intended recipient of this message you must
 not use, copy, distribute or disclose it to anyone other than the addressee. If you have received this message in error please return the message to the sender by replying to it and then delete the message from your computer.</span><span lang="EN-US" style="font-size:8.0pt;font-family:"Verdana","sans-serif";color:#1f497d"><u></u><u></u></span></p>

</div>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<div>
<div style="border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US" style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span lang="EN-US" style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> AusNOG [<a href="mailto:ausnog-bounces@lists.ausnog.net" target="_blank">mailto:ausnog-bounces@lists.ausnog.net</a>]
<b>On Behalf Of </b>Michael Andreas Schipp<br>
<b>Sent:</b> Thursday, August 08, 2013 9:50 AM<br>
<b>To:</b> Ed Hallett<br>
<b>Cc:</b> <a href="mailto:ausnog@lists.ausnog.net" target="_blank">ausnog@lists.ausnog.net</a><br>
<b>Subject:</b> Re: [AusNOG] Application Firewall Recommendations<u></u><u></u></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-US"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Hi Ed,<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">              If as others have say, you decide to look at WAF and reverse proxies, I would suggest you to look at the following vendors;<u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">              A10 Networks<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">              Citrix<u></u><u></u></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">              F5<u></u><u></u></span></p>
<p class="MsoNormal" style="text-indent:36.0pt"><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Imperva<u></u><u></u></span></p>
<p class="MsoNormal" style="text-indent:36.0pt"><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Radware<u></u><u></u></span></p>
<p class="MsoNormal" style="text-indent:36.0pt"><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal" style="text-indent:36.0pt"><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Narrow it down to 2 or 3 and do a PoC (most If not all of us will be able to offer hardware appliances or VM’s)<u></u><u></u></span></p>

<p class="MsoNormal" style="text-indent:36.0pt"><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal" style="text-indent:36.0pt"><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">I can help in getting anything you may need from the A10 (<a href="http://www.a10networks.com" target="_blank">www.a10networks.com</a>)
 side, just let me know.<u></u><u></u></span></p>
<p class="MsoNormal" style="text-indent:36.0pt"><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span lang="EN-US" style>Thank you,<br>
<b> <br>
</b>Michael A Schipp<b><br>
</b></span><span style>Regional SE Manager ANZ<u></u><u></u></span></p>
<p class="MsoNormal"><b><span lang="EN-US" style>A10 Networks</span></b><span style><u></u><u></u></span></p>
<p class="MsoNormal"><a name="1406079a8189113d__MailEndCompose"></a><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<div>
<div style="border:none;border-top:solid #e1e1e1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif"">From:</span></b><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif""> AusNOG [<a href="mailto:ausnog-bounces@lists.ausnog.net" target="_blank">mailto:ausnog-bounces@lists.ausnog.net</a>]
<b>On Behalf Of </b>Ed Hallett<br>
<b>Sent:</b> Tuesday, 6 August 2013 10:12 AM<br>
<b>To:</b> <a href="mailto:ausnog@lists.ausnog.net" target="_blank">ausnog@lists.ausnog.net</a><br>
<b>Subject:</b> [AusNOG] Application Firewall Recommendations<u></u><u></u></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-GB"><u></u> <u></u></span></p>
<div>
<div>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Calibri","sans-serif"">Hi people,<u></u><u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Calibri","sans-serif""> <u></u><u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Calibri","sans-serif"">Just a simple question, but with a not so simple answer.<u></u><u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Calibri","sans-serif""> <u></u><u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Calibri","sans-serif"">We manage considerable clients with ‘cloud’ based servers within Telstra’s utility hosting.<u></u><u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Calibri","sans-serif"">We used to use TMG as a firewall / gateway / security for clients who requested these features,  but this is no longer possible.<u></u><u></u></span></p>

</div>
<div>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Calibri","sans-serif""> <u></u><u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Calibri","sans-serif"">I need recommendations on application based (non VM) firewalls which can be installed on server 08 / 12 and capable of the same feature set as TMG. Not as easy to find now..<u></u><u></u></span></p>

</div>
<div>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Calibri","sans-serif""> <u></u><u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Calibri","sans-serif"">So, I ask my esteemed peers for words of wisdom.<u></u><u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Calibri","sans-serif"">Well, words, anyway.<u></u><u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Calibri","sans-serif""> <u></u><u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Calibri","sans-serif"">Kind regards,<u></u><u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Calibri","sans-serif"">Ed Hallett<u></u><u></u></span></p>
</div>
</div>
</div>
</div>
</div>

<br>_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
<br></blockquote></div><br></div>