Proxy/Caching Servers

Jon_Lyons · April 6, 2006, 5:03pm

Hey all,

I need some recommendations on proxy servers for enterprise environments. Our current product can’t handle the load & is no longer being supported by the vendor. The devices need to handle at least 1000+ concurrent connections at about 20 Mbit/s. Websites, Streaming, etc, etc�

Not sure if there’s one product that does what I’m looking for:

Appliance based (preferred, but not required)
Clusterable/VRRP Setup or can be used behind a load balancer
Web/FTP virus checking
Caching
Web content filtering (include ability to add manually to a deny list)
Logging and user auditing (via name or client IP address)
Real-time traffic monitoring
Grant/Deny access to particular websites from individual/grouped client IP addresses
Thanks

Elijah_Savage · April 6, 2006, 6:36pm

Hey all,

I need some recommendations on proxy servers for enterprise environments.
Our current product can't handle the load & is no longer being supported
by the vendor. The devices need to handle at least 1000+ concurrent
connections at about 20 Mbit/s. Websites, Streaming, etc, etc�

Not sure if there's one product that does what I'm looking for:

1. Appliance based (preferred, but not required)
2. Clusterable/VRRP Setup or can be used behind a load balancer
3. Web/FTP virus checking
4. Caching
5. Web content filtering (include ability to add manually to a deny list)
6. Logging and user auditing (via name or client IP address)
7. Real-time traffic monitoring
8. Grant/Deny access to particular websites from individual/grouped
client IP addresses
Thanks

This is always a touch subject caching customers content.

Look at the bluecoat
products.http://www.bluecoat.com/resources/technology/proxycaching.html

Joseph_S_D_Yao · April 6, 2006, 7:37pm

squid <http://www.squid-cache.org/>

Symantec Enterprise Firewall [formerly Raptor], if they're still selling
it <http://www.symantec.com/Products/enterprise?c=prodinfo&refId=853>

Sidewinder G2 <http://www.securecomputing.com/index.cfm?skey=232>
  (The G2 stands for what parts of NAI Gauntlet they included.
   NAI Gauntlet was formerly a good product from Trusted
   Information Systems. TIS Labs is still owned by NAI.)

The aforementioned Blue Coat Proxy server.

Alain_Hebert · April 6, 2006, 8:41pm

Hummm.... squid.

With a touch of haproxy... (Or for those with money.... ServerIron's)

Joseph S D Yao wrote:

Joseph_S_D_Yao · April 7, 2006, 4:06pm

...

Do Foundry ServerIrons proxy and cache, or just switch?

Joe_Abley3 · April 7, 2006, 4:16pm

ServerIrons don't cache. They can be used for transparent redirection of requests to a cache (I think), and to support multiple caches in a load-sharing configuration (for sure). Other vendors of similar products are cisco (formerly Arrowpoint) and Nortel (formerly Alteon).

If you're looking for this kind of fanciness in your switches, you should also check out products by f5 networks. I have never used their switches, but I heard some impressive stories about what you can do with them the other week in Wellington.

Joe

Alain_Hebert · April 7, 2006, 4:40pm

Just switch but 2 (of more) of them makes for a good frontend to a farm of squid.

With both incoming and outgoing resilience.

Joseph S D Yao wrote: