[AusNOG] Firewall

Sam Sarkis-UIP ssarkis at unitedip.net.au
Thu Feb 26 18:17:58 EST 2015


Thanks all,

Nothing suggested is suitable, I think I will walk away from this one as suggested by a few people.


Thanks All



From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Mark Dignam
Sent: Wednesday, 25 February 2015 4:21 PM
To: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] Firewall

And the CC: line, there only needs to be one ausnog at list entry… ☹

From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Jacob Gardiner
Sent: Wednesday, 25 February 2015 12:22 PM
To: kris at cloudcentral.com.au<mailto:kris at cloudcentral.com.au>; Tim Raphael; Kristoffer Sheather @ CloudCentral
Cc: ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] SPAM-LOW: Re: SPAM-MED: Re: Firewall

Any chance we can avoid prepending the subject header each time it goes out the spam filter? I think it’s Kristoffer’s mail server?


--
Jacob Gardiner
@jacobgardiner<https://twitter.com/jacobgardiner>


On 25 February 2015 at 12:24:39 pm, Kristoffer Sheather @ CloudCentral (kristoffer.sheather at cloudcentral.com.au<mailto:kristoffer.sheather at cloudcentral.com.au>) wrote:


________________________________
From: "Tim Raphael" <raphael.timothy at gmail.com<mailto:raphael.timothy at gmail.com>>
Sent: Wednesday, February 25, 2015 11:38 AM
To: kris at cloudcentral.com.au<mailto:kris at cloudcentral.com.au>
Cc: "ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>" <ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>>
Subject: SPAM-LOW: Re: [AusNOG] SPAM-MED: Re: Firewall

Network Function Virtualisation (NFV) is becoming a bigger and bigger deal with support for x86 in Cisco, Juniper and many other vendors improving by the week.

> Certainly is.

VyOS (formerly Vyatta) I know is in use by a lot of cloud providers as it provides a fairly stable platform for basic routing / firewall / VPN termination but I wouldn't want to run "core" network roles on it.

> Why not?

VMWare and their NSX Edge Services Gateway is also looking to be an option for the cloud services space with quite advanced features aimed at cloud tenants wanting greater control over routing, firewall, load balancing and SSL VPN features.

> Very nice, but pricey.  There are alternative methods to achieve the same end result.

The offerings from Cisco (CSR1000V, NS-OSv) and Juniper (vSRX and vMX) are looking very promising also (licensing costs aside) for the possibility of running production network loads within x86 hardware.

> Agreed, add the Brocade vRouter 5600 with Intel DPDK to that list, all of those options are pricey of course.

Just my 2c.

- Tim





On Wed, Feb 25, 2015 at 6:25 AM, Kristoffer Sheather @ CloudCentral <kristoffer.sheather at cloudcentral.com.au<mailto:kristoffer.sheather at cloudcentral.com.au>> wrote:
Yes, we are running Vyatta's for all of our sites.  The speed is quite good (IMHO & YMMV).

Regards,

Kristoffer Sheather
CloudCentral

Mobile: +61 475 048 864<tel:%2B61%20475%20048%20864> | Switch: +61 2 6160 7624<tel:%2B61%202%206160%207624> | Email: kris at cloudcentral.com.au<mailto:kris at cloudcentral.com.au>
LinkedIn: [View Kristoffer Sheather's profile on LinkedIn] <http://au.linkedin.com/in/kristoffersheather>  | Skype: kristoffer.sheather | Twitter: http://twitter.com/kristofferjon

________________________________
From: "Alex Samad - Yieldbroker" <Alex.Samad at yieldbroker.com<mailto:Alex.Samad at yieldbroker.com>>
Sent: Wednesday, February 25, 2015 9:14 AM
To: "Skeeve Stevens" <skeeve+ausnog at theispguy.com<mailto:skeeve%2Bausnog at theispguy.com>>, "Sam Sarkis-UIP" <ssarkis at unitedip.net.au<mailto:ssarkis at unitedip.net.au>>
Cc: "ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>" <ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>>, "ausnog at ausnog.net<mailto:ausnog at ausnog.net>" <ausnog at ausnog.net<mailto:ausnog at ausnog.net>>
Subject: SPAM-MED: Re: [AusNOG] Firewall

Hi

Interesting, I just went to VMUG yesterday, listen to a lot about NSX… Previously tried to stay away because of the enterprise licensing cost, but relooking at it again.

I noticed nobody mentioned it in the hypervisor env
Is anyone running soft routers (VMs/non Hardware) as an ISP/provider.

I thinking you can’t beat silicon for pure switching … routing ?? and then coupled with something further up the stack, does switching/routing on the host of a hypervisor make more sense ?

A


From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net<mailto:ausnog-bounces at lists.ausnog.net>] On Behalf Of Skeeve Stevens
Sent: Tuesday, 24 February 2015 10:17 PM
To: Sam Sarkis-UIP
Cc: ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>; ausnog at ausnog.net<mailto:ausnog at ausnog.net>
Subject: Re: [AusNOG] Firewall

Sounds like an odd request... you mean it MUST be a Server based Firewall?

If that is an issue, get around it by going VMware and using vASA or vSRX?


...Skeeve

--

Skeeve Stevens - The ISP Guy

Email: skeeve at theispguy.com<mailto:skeeve at theispguy.com> ; Twitter: @TheISPGuy<https://twitter.com/TheISPGuy>
Blog: TheISPGuy.com<http://theispguy.com/> ; Facebook: TheISPGuy<https://www.facebook.com/theispguy>

Linkedin: /in/skeeve<http://www.linkedin.com/in/skeeve> ; Expert360: Profile<https://expert360.com/profile/d54a9>

On Mon, Feb 23, 2015 at 9:09 PM, Sam Sarkis-UIP <ssarkis at unitedip.net.au<mailto:ssarkis at unitedip.net.au>> wrote:

Hi All,

I know this is strange but we have a specific requirement for a customer.

Does anyone know or recommend a firewall / UTM software that can be installed on an existing Windows, Redhat, SuSE, or Centos Server.

We would prefer a commercial package.

We cannot overwrite the existing os and have to work within any of the above mentions platforms only.

Kind Regards

Sam




_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog


_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog

_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20150226/bc524a24/attachment.html>


More information about the AusNOG mailing list