[AusNOG] Firewall

Mark Dignam mark at innaloo.net
Wed Feb 25 16:21:15 EST 2015


And the CC: line, there only needs to be one ausnog at list entry… L

 

From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Jacob Gardiner
Sent: Wednesday, 25 February 2015 12:22 PM
To: kris at cloudcentral.com.au; Tim Raphael; Kristoffer Sheather @ CloudCentral
Cc: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] SPAM-LOW: Re: SPAM-MED: Re: Firewall

 

Any chance we can avoid prepending the subject header each time it goes out the spam filter? I think it’s Kristoffer’s mail server?

 

 

-- 
Jacob Gardiner
@jacobgardiner <https://twitter.com/jacobgardiner> 

 

On 25 February 2015 at 12:24:39 pm, Kristoffer Sheather @ CloudCentral (kristoffer.sheather at cloudcentral.com.au) wrote:

 

 


  _____  


From: "Tim Raphael" <raphael.timothy at gmail.com>
Sent: Wednesday, February 25, 2015 11:38 AM
To: kris at cloudcentral.com.au
Cc: "ausnog at lists.ausnog.net" <ausnog at lists.ausnog.net>
Subject: SPAM-LOW: Re: [AusNOG] SPAM-MED: Re: Firewall 

 

Network Function Virtualisation (NFV) is becoming a bigger and bigger deal with support for x86 in Cisco, Juniper and many other vendors improving by the week. 

 

> Certainly is.

 

VyOS (formerly Vyatta) I know is in use by a lot of cloud providers as it provides a fairly stable platform for basic routing / firewall / VPN termination but I wouldn't want to run "core" network roles on it.

 

> Why not?

 

VMWare and their NSX Edge Services Gateway is also looking to be an option for the cloud services space with quite advanced features aimed at cloud tenants wanting greater control over routing, firewall, load balancing and SSL VPN features.

 

> Very nice, but pricey.  There are alternative methods to achieve the same end result.

 

The offerings from Cisco (CSR1000V, NS-OSv) and Juniper (vSRX and vMX) are looking very promising also (licensing costs aside) for the possibility of running production network loads within x86 hardware.

 

> Agreed, add the Brocade vRouter 5600 with Intel DPDK to that list, all of those options are pricey of course. 

 

Just my 2c.

 

- Tim

 

  

 

 

  

On Wed, Feb 25, 2015 at 6:25 AM, Kristoffer Sheather @ CloudCentral <kristoffer.sheather at cloudcentral.com.au> wrote: 

Yes, we are running Vyatta's for all of our sites.  The speed is quite good (IMHO & YMMV).

 

Regards,

Kristoffer Sheather
CloudCentral

 

Mobile: +61 475 048 864 <tel:%2B61%20475%20048%20864>  | Switch: +61 2 6160 7624 <tel:%2B61%202%206160%207624>  | Email:  <mailto:kris at cloudcentral.com.au> kris at cloudcentral.com.au
LinkedIn:  <http://au.linkedin.com/in/kristoffersheather> View Kristoffer Sheather's profile on LinkedIn | Skype: kristoffer.sheather | Twitter:  <http://twitter.com/kristofferjon> http://twitter.com/kristofferjon

 


  _____  


From: "Alex Samad - Yieldbroker" <Alex.Samad at yieldbroker.com>
Sent: Wednesday, February 25, 2015 9:14 AM
To: "Skeeve Stevens" <skeeve+ausnog at theispguy.com <mailto:skeeve%2Bausnog at theispguy.com> >, "Sam Sarkis-UIP" <ssarkis at unitedip.net.au>
Cc: "ausnog at lists.ausnog.net" <ausnog at lists.ausnog.net>, "ausnog at ausnog.net" <ausnog at ausnog.net>
Subject: SPAM-MED: Re: [AusNOG] Firewall 

 

Hi

 

Interesting, I just went to VMUG yesterday, listen to a lot about NSX… Previously tried to stay away because of the enterprise licensing cost, but relooking at it again.

 

I noticed nobody mentioned it in the hypervisor env

Is anyone running soft routers (VMs/non Hardware) as an ISP/provider.

 

I thinking you can’t beat silicon for pure switching … routing ?? and then coupled with something further up the stack, does switching/routing on the host of a hypervisor make more sense ?

 

A

 

 

From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Skeeve Stevens
Sent: Tuesday, 24 February 2015 10:17 PM
To: Sam Sarkis-UIP
Cc: ausnog at lists.ausnog.net; ausnog at ausnog.net
Subject: Re: [AusNOG] Firewall

 

Sounds like an odd request... you mean it MUST be a Server based Firewall?

 

If that is an issue, get around it by going VMware and using vASA or vSRX?

 


...Skeeve


--

Skeeve Stevens - The ISP Guy

Email: skeeve at theispguy.com ; Twitter:  <https://twitter.com/TheISPGuy> @TheISPGuy

Blog: TheISPGuy.com <http://theispguy.com/>  ; Facebook: TheISPGuy <https://www.facebook.com/theispguy> 

Linkedin:  <http://www.linkedin.com/in/skeeve> /in/skeeve ; Expert360:  <https://expert360.com/profile/d54a9> Profile

 

On Mon, Feb 23, 2015 at 9:09 PM, Sam Sarkis-UIP <ssarkis at unitedip.net.au> wrote:

 

Hi All,

 

I know this is strange but we have a specific requirement for a customer.

 

Does anyone know or recommend a firewall / UTM software that can be installed on an existing Windows, Redhat, SuSE, or Centos Server.

 

We would prefer a commercial package. 

 

We cannot overwrite the existing os and have to work within any of the above mentions platforms only.

 

Kind Regards

 

Sam

 

 

 


_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

 


_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog
 

_______________________________________________ 
AusNOG mailing list 
AusNOG at lists.ausnog.net 
http://lists.ausnog.net/mailman/listinfo/ausnog 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20150225/c39545dd/attachment.html>


More information about the AusNOG mailing list