<div dir="ltr"><div><div><br></div>I think you're wasting your time, and as someone else mentioned you'd be best walking away from this.<br><br></div><div>You'd need to combine the host routing and firewalling capabilities, e.g. iptables, with various content filtering capabilities, e.g. Squid+Websense.<br><br></div><div>Oh wait... that's a UTM appliance... your customer is asking you to build them a UTM appliance... from scratch.<br><br></div><div>That's not commercially viable for you if you have to ask AusNOG for options.<br></div><div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div>-Colin<br></div></div></div></div></div></div>
<br><div class="gmail_quote">On 24 February 2015 at 23:07, Sam Sarkis-UIP <span dir="ltr"><<a href="mailto:ssarkis@unitedip.net.au" target="_blank">ssarkis@unitedip.net.au</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">





<div link="blue" vlink="purple" lang="EN-AU">
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">It is an odd request, yes it MUST be a server based Firewall.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">No go on the vASA or vSRX as we don’t have access to the Hypervisor at all.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">We only get given an pre-build OS and then we can install whatever application they want on it.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif" lang="EN-US">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif" lang="EN-US"> AusNOG [mailto:<a href="mailto:ausnog-bounces@lists.ausnog.net" target="_blank">ausnog-bounces@lists.ausnog.net</a>]
<b>On Behalf Of </b>Skeeve Stevens<br>
<b>Sent:</b> Tuesday, 24 February 2015 10:17 PM<br>
<b>To:</b> Sam Sarkis-UIP<br>
<b>Cc:</b> <a href="mailto:ausnog@lists.ausnog.net" target="_blank">ausnog@lists.ausnog.net</a>; <a href="mailto:ausnog@ausnog.net" target="_blank">ausnog@ausnog.net</a><br>
<b>Subject:</b> Re: [AusNOG] Firewall<u></u><u></u></span></p>
<p class="MsoNormal"><u></u> <u></u></p>
<div>
<p class="MsoNormal">Sounds like an odd request... you mean it MUST be a Server based Firewall?<u></u><u></u></p>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">If that is an issue, get around it by going VMware and using vASA or vSRX?<u></u><u></u></p>
</div>
</div>
<div>
<p class="MsoNormal"><br clear="all">
<u></u><u></u></p>
<div>
<div>
<div>
<div>
<div>
<p style="margin:0cm;margin-bottom:.0001pt"><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#20497d"><br>
...Skeeve<u></u><u></u></span></p>
<p style="margin:0cm;margin-bottom:.0001pt"><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#20497d"><br>
--<u></u><u></u></span></p>
<p style="margin:0cm;margin-bottom:.0001pt"><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#20497d">Skeeve Stevens - </span><span style="font-size:9.5pt;font-family:"Calibri",sans-serif;color:#20497d">The ISP Guy</span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#20497d"><u></u><u></u></span></p>
<p style="margin:0cm;margin-bottom:.0001pt"><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#20497d">Email: <a href="mailto:skeeve@theispguy.com" target="_blank">skeeve@theispguy.com</a> ; </span><span style="font-size:9.5pt;font-family:"Calibri",sans-serif;color:#20497d">Twitter: </span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#20497d"><a href="https://twitter.com/TheISPGuy" target="_blank"><span style="font-size:9.5pt">@TheISPGuy</span></a><u></u><u></u></span></p>
<div>
<p class="MsoNormal"><span style="font-size:9.5pt;font-family:"Calibri",sans-serif;color:#20497d">Blog: <a href="http://theispguy.com/" target="_blank">TheISPGuy.com</a> ; Facebook: <a href="https://www.facebook.com/theispguy" target="_blank">TheISPGuy</a></span><span style="font-size:9.5pt"><u></u><u></u></span></p>
</div>
<div>
<p style="margin:0cm;margin-bottom:.0001pt"><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#20497d">Linkedin: <a href="http://www.linkedin.com/in/skeeve" target="_blank"><span style="color:#1155cc">/in/skeeve</span></a> ; </span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:black">Expert360: </span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#20497d"><a href="https://expert360.com/profile/d54a9" target="_blank"><span style="color:#1155cc">Profile</span></a><u></u><u></u></span></p>
</div>
</div>
</div>
</div>
</div>
</div>
<p class="MsoNormal"><u></u> <u></u></p>
<div>
<p class="MsoNormal">On Mon, Feb 23, 2015 at 9:09 PM, Sam Sarkis-UIP <<a href="mailto:ssarkis@unitedip.net.au" target="_blank">ssarkis@unitedip.net.au</a>> wrote:<u></u><u></u></p>
<blockquote style="border:none;border-left:solid #cccccc 1.0pt;padding:0cm 0cm 0cm 6.0pt;margin-left:4.8pt;margin-right:0cm">
<div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
<p class="MsoNormal">Hi All,<u></u><u></u></p>
<p class="MsoNormal"> <u></u><u></u></p>
<p class="MsoNormal">I know this is strange but we have a specific requirement for a customer.<u></u><u></u></p>
<p class="MsoNormal"> <u></u><u></u></p>
<p class="MsoNormal">Does anyone know or recommend a firewall / UTM software that can be installed on an existing Windows, Redhat, SuSE, or Centos Server.<u></u><u></u></p>
<p class="MsoNormal"> <u></u><u></u></p>
<p class="MsoNormal">We would prefer a commercial package. 
<u></u><u></u></p>
<p class="MsoNormal"> <u></u><u></u></p>
<p class="MsoNormal">We cannot overwrite the existing os and have to work within any of the above mentions platforms only.<u></u><u></u></p>
<p class="MsoNormal"> <u></u><u></u></p>
<p class="MsoNormal">Kind Regards<u></u><u></u></p>
<p class="MsoNormal"><span style="color:#888888"> <u></u><u></u></span></p>
<p class="MsoNormal"><span style="color:#888888">Sam<u></u><u></u></span></p>
<p class="MsoNormal"><span style="color:#888888"> <u></u><u></u></span></p>
<p class="MsoNormal"><span style="color:#888888"> <u></u><u></u></span></p>
<p class="MsoNormal"><span style="color:#888888"> <u></u><u></u></span></p>
</div>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><br>
_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><u></u><u></u></p>
</blockquote>
</div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
</div>
</div>

<br>_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
<br></blockquote></div><br></div></div></div>