[AusNOG] Application Firewall Recommendations

Andrew Paternoster Andrew at screwloose.com.au
Tue Aug 6 11:28:54 EST 2013 

One of our guys setup a varnish box with some cool firewalling scripts on a vm. He had it doing all sorts of cool stuff like looking up black lists and block tor proxies. And as a bonus it makes the web sites load faster. You can cluster them and redirect the sites to the correct back end server. probably doesn’t get 100% but when we started pushing sites through the varnish box it turned up some “interesting” traffic.


Thank you
Andrew Paternoster

From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Ed Hallett
Sent: Tuesday, 6 August 2013 10:47 AM
To: ausnog at lists.ausnog.net; Michael Gehrmann
Subject: Re: [AusNOG] Application Firewall Recommendations

it specifically needs to be application based since the servers are all virtualized tenants.
Yes, nested hypervisors would be nice, but we’re not there yet 😉


From: Michael Gehrmann
Sent: ‎Tuesday‎, ‎August‎ ‎6‎, ‎2013 ‎10‎:‎32‎ ‎AM
To: ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>

Hi Ed,

Are you after an application firewall or a host firewall? Most vendors have moved away from software installed on top of an OS to appliance style setups as they are easier to support.

Regards
Michael Gehrmann
From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Ed Hallett
Sent: Tuesday, 6 August 2013 10:12 AM
To: ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>
Subject: [AusNOG] Application Firewall Recommendations

Hi people,

Just a simple question, but with a not so simple answer.

We manage considerable clients with ‘cloud’ based servers within Telstra’s utility hosting.
We used to use TMG as a firewall / gateway / security for clients who requested these features,  but this is no longer possible.

I need recommendations on application based (non VM) firewalls which can be installed on server 08 / 12 and capable of the same feature set as TMG. Not as easy to find now..

So, I ask my esteemed peers for words of wisdom.
Well, words, anyway.

Kind regards,
Ed Hallett
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20130806/f057d02b/attachment.html>

More information about the AusNOG mailing list