Cisco ASA 5505 Suitable For Low Bandwidth Colo?
Sep 16, 2007
Is a basic Cisco ASA 5505 suitable for a low-bandwidth colocation environment? I run a small virtualization network, going to be expanding to multiple hosts with a SAN and looking for something that is more secure and easier to manage.
Right now, I only have 12 virtual servers and I'm only pushing about 1-1.5mbps on average, though going to be expanding it so my capacity will be about 4x, including multiple physical servers and a layer2 switch. Sometimes managing it even now can become a PITA.
I would like to use an external firewall, but don't think I need something as hefty as an ASA 5510, as I doubt I'd max out the 5505 on throughput. I'm also sceptical about putting up a m0n0wall/pfSense box, as it might not be as cost effective to put it on new, reliable hardware, and putting it on some older/purchased off Ebay server could be unreliable as it is the entry point to my network.
Think the ASA 5505 would be a good entry level point?
View 4 Replies
ADVERTISEMENT
Oct 23, 2007
I've been looking at these two Firewalls for a quite some time and I am not sure which one I should go with. Price is not a factor since both are around the same price range.
The firewall is going to be in between my DROP and LAYER3 Switch.
So...FastE -> Firewall -> Layer3
As you can see, I dont want any fancy VLAN stuff or anything like that since my switch can take care of all that. I just want a firewall which is easy to configure and manage and has DDoS protection built-in.
If you have any other hardware based firewalls in the price range of ASA 5505 and Netscreen 5GT then I would want to hear about those as well.
View 14 Replies
View Related
Oct 22, 2009
we have bought a new Cisco ASA 5505 firewall, I was wondering if anyone knows if their is any windows based applications rather than having to use ssh?
View 1 Replies
View Related
Oct 16, 2009
i want a Cisco firewall suitable for one dedicated server protection, that server would host up to 30 vps
and i may buy another server in future, so what do you recommend?
View 8 Replies
View Related
May 3, 2008
I am in the process of gathering the peices to move from a dedicated box to my own hardware in a local colo and am undecided how best to choose the edge device.
The colo has a 30Mb pipe with about 10Mb of it being constantly used during biz hours. Another 10Mb is being allocated in the next couple of months. I want to be able to burst to the full 30Mb when needed.
I am getting 12 IP's allocated but will increase to 24 soon if all goes well (fingers crossed!).
I will have for starters just a single Proliant running dnp on 2008 with IIS, FTP, Mail, ns1 and a 2003 VM running my secondary ns.
What I am unsure of is the edge device and looking for others that have used either a 2800 series router or a ASA5500 series firewall in a similiar fashion. I know what the raw throughput of each device is, but raw benchmarks are not realworld numbers by any means.
I am looking at the 2801 with IOS Firewall turned on and hopefully even some inspects for FTP and HTTP traffic. The other option and one that I am less familiar with is to use the ASA5505 instead which will do my basic routing but supposedly provide more thourough inspects and advanced rules.
Does anyone have experiance with either of these in a hosting environment and have input on the realistic throughput one can expect from either device?
There is a signifigant cost difference with the ASA5505 being much cheaper but I am more familiar with IOS. Would anyone recommend a 1841 router instead?
View 6 Replies
View Related
Aug 16, 2007
I have a Cisco 4006 with a 4013 Supervisor and a 4232-L3 and 3 x 4148-RJ modules.
When downloading data from ServerA on the switch to ServerB on
the switch the download speed is limited to about 650KB/sec.
ServerA -> ServerB = 650KB/sec.
ServerB -> ServerA = 11MB/sec.
So the problem is in one direction.
Each server has its own VLAN and a /29 IP block and both servers are physically connected to the 4006's 4148-RJ modules.
This seems to affect servers at random.
This issue disappears if I change the /29 IP block on the server experiencing the slow downloads while still using the same VLANs and ports to a /29 not experiencing this issue.
When I change the /29 to one that is not affected the switch is capable of full wire speed which is approximately 11MB/sec sustained. When I change back to the old /29 the downloads are limited to about 650KB/sec max.
I have tried the following:
changing VLANs
changing ports on the 4006
replaced CAT5 patch cords
replaced NICs in affected servers
replaced motherboards in affected servers
had multiple people examine the configs
and a few other crazy ideas yet the problem persists.
This problem affects only a few servers on the switch however I have a similar problem on a larger group of servers as well.
Several servers are limited to 650KB/sec downloads from very fast servers outside the network on the public internet.
For example:
LocalServerA on the 4006 with a /29 is downloading from RemoteServerA on the internet and is getting about 650KB/sec.
RemoteServerA -> RemoteServerA = 650KB/sec
LocalServerB on the 4006 with another /29 is downloading from RemoteServerA on the internet and is getting 3-8MB/sec sustained.
RemoteServerA -> LocalServerB = 3-8MB/sec
If I change the /29 on LocalServerA to a /29 which is unaffected by this issue the speed problem disappears while still using the same hardware, VLANs and physical ports.
View 12 Replies
View Related
Apr 25, 2008
I've always had to use a bandwidth mix. I recently got offered a great deal on a full rack/cabinet with 30 Mbps of Level3 and Qwest bandwidth in the Chicago area and am thinking about moving my dedicated servers to colo.
I would appreciate your opinions and assistance with these questions.
What is considered a good deal for a full rack, power, and 30 Mbps of Level 3/Qwest bandwidth in the Chicago area? Assuming that it's in a nice and secure datacenter.
Is Level 3 still considered a top bandwidth provider these days?
How good is it compared (in terms of network quality, latency, etc.) to providers like Abovenet, Mzima, and Internap?
Lastly, how does Qwest bandwidth rate among the other carriers?
View 14 Replies
View Related
Nov 3, 2007
I was wondering what kind of rates I can get for Level3/WilTel (the old WilTel "cheap" bandwidth, if they still sell that as a separate product) in St. Louis on a 500Mbps commit. Looking for this bandwidth at either 900 Walnut or 210 N Tucker (Bandwidth Exchange Buildings).
View 4 Replies
View Related
Aug 9, 2006
I am looking to add 2 servers running debian and suse. We want to use it for a pilot A-Z voip termination project. Do we have any recommeneded colo's in NY or east coast USA with top nothc bandwidth for VoIP (L3). We currently have our servers in McLean, VA and Philadelphia on Level 3 providing USA and Canada SIP termination and the quality is excellent. We need similar at a lower cost.
View 3 Replies
View Related
Apr 29, 2008
I am working on finding a colo provider in Los Angeles that can meet these requirements:
* Full Cabinet
* 2x20A 220v Power
* Bandwidth either 1Gbps full burstable or 1Gbps dedicated (with plans to move up to 2-3Gbps within a year)
* Available ASAP
The sites that it will be hosting are sales and informational for a consumer product that sporadically gets news or magazine coverage which massively spikes its traffic. These times are when a good chunk of the revenue comes in but we do not necessarily know when they are coming. Does anyone know if having a full burstable line will cover this sort of eventuality or should we grab the entire dedicated line just to ensure we have it waiting? We would be providing all of our own firewalls and equipment, we just need the bandwidth, preferably without having to deal with a router on our side.
Price isn't the biggest consideration; reliability, stability, security, and performance are.
As an additional question, we are looking at a Catalyst 4507R-E switch for the core of our network, with redundant supervisors (for the purposes of ensuring we have no single points of failure). Any one have experience with this switch that can say whether it's a good choice or not for that?
View 8 Replies
View Related
Feb 4, 2008
Considering skipping VPS and going to a colo setup for a handful of sites. Nothing major, so the server will be very entry level, but with redundancy in mind (software RAID1 and 2 nics). But I have a few basic questions:
How good is hot swapping in Linux? This was very hard to me to find out online. I am getting a 1U rack with a hot swap backplane and 2 SATA drives. I won't be using any commercial software with my setup.
How does redundant NIC work? This is new to me and am wondering how this is setup.
I think I can shop around NYC for a 1U slot for around $40 a month. I don't need a lot of transfer, but would like a decent pipe. The thought of 1Mbit sounds unattractive (transfer is around 100KBytes/s, right?). How much would 10Mbit cost? I found some quotes but they seem way too much (I could be wrong).
View 11 Replies
View Related
Dec 16, 2007
My host has helped me to install a switch. However, I don't know how to configure using the command line. Could anyone help me?
I need to be able to connect to my Cisco switch using Cisco Network Assistant. If you know the command sequence,
View 5 Replies
View Related
Sep 3, 2008
I'm planning on moving from a shared hosting environment to a VPS. I've got 2 VPS hosts in mind (FutureHosting and Zone.net), all of them offer cpanel, Plesk, and DirectAdmin.
My question to everyone is which cpanel would be more useful to me? I've used cpanel in the past, but I would like to try something new. With the VPS, I do plan to host people's websites and I would like to create more websites for myself and manage them. I am leaning more towards DirectAdmin since it has an option for creating small user panels for people. What does everyone else think?
Also, how do you determine how much RAM you need? I obviously can't monitor my own RAM usage since I come from a shared hosting environment? How will I know if I need 256, 384 or even 512MB of RAM? Should I just start off with 256 and go from there?
View 11 Replies
View Related
Sep 9, 2009
i want to rent bandwidth about 200M~300M from DC,
and i need a switch to handle the bandwidth.
on the core switch,
i want to cut different lan and limit each port's bandwidth,
two 50M,one 100M,and other are litle.
which switch can handle it?
my budget is not many,
i hope it is reliable,
i hear some good review about 3com and procruve,
but im not sure if they have good switch suit my purpose.
View 11 Replies
View Related
Apr 16, 2007
I wonder what component makes a mobo suitable for Linux?. Is it the chipset for the board or something else too?.
View 5 Replies
View Related
Jan 23, 2007
I am planning to use a VPS to create cPanel/WHM Reseller Plans for my customers. I have a question:
Is VPS really suitable to create Reseller Plans?
View 14 Replies
View Related
Jan 19, 2007
CPU load average is around 2-5% on my box. I'd like to know when I'll have to upgrade the CPU. Can I wait and add more accounts until it reaches 90%
View 12 Replies
View Related
Jan 30, 2008
I've always been a seller that's primarily used PayPal only.. However, on my next online venture, we're stepping it up a grade and will be implementing a full CMS system, an e-commerce cart module (or platform in its entirety) and security through SSL certification.
I've taken a look at the SSL certificates offered by eNom and was wondering what you all thought would be the cheapest certificate that is suitable and ready for e-commerce that will process credit cards, etc.
Certainly the more expensive, I can assume is more feature and security laden, but just wanted to know what you all feel is a good balance of price, security and readiness for e-commerce.
View 2 Replies
View Related
Oct 16, 2009
What is the suitable internet speed for dedicated server hosting about 30 VPS?
View 7 Replies
View Related
Oct 8, 2008
I have built a server so I can co-locate it to be used for shared hosting. The specification is high, compared to most dedicated server offerings, so I was considering splitting it up into different virtual machines for different purposes. The specification is: Intel Xeon 3230 (4x 2.66ghz), 8GB DDR ECC RAM, Seagate Cheetah SAS 15,000rpm (4x 147GB), Adaptec RAID 5405 (RAID 6 Array with Battery Backup), Dual on-board NIC, etc.
The original plan was to use this machine as just one linux server, but I am concerned most of its potential will not be exploited. So I am exploring the possibility of setting it up as 2 Virtual Machines, installing Linux on one and Windows on the other. This way I can offer hosting for ASP and ASP.NET, and possibly MS SQL and/or Exchange depending on costs for their licences.
What Microsoft licences are suitable for servers used for shared hosting? From what I can gather there are several ways of being licenced, but I can't figure out which is the most cost effective. It seems you buy the server OS edition that supports your requirements, then pay another licence per user (CAL?) - I haven't got a clue how many users I will need to have though. Then if you want to use MS SQL, DNS or Exchange you need the correct edition - and buy licences for these too.
Does anyone know roughly what I should be looking to pay for what? I would ideally like to have MS SQL, DNS and Exchange - but am aware that the licence could be so expensive that it wouldn't be worth doing.
View 2 Replies
View Related
Sep 5, 2007
Does anyone know of a hosting Linux package (must be UK based) that has the usuals (PHP, MySQL, subdomains, email, Apache ModRewrite) that is geared towards hosting lots of low bandwidth sites?
I use several great hosters but they limit the amount of addon domains or charge you through the roof for extra ones. I'm thinking a package that will let me do 15 - 25 domains. More would be a bonus. The bandwidth allowance is not a problem. A lot of my customers' sites use less than 100 MB a month.
View 5 Replies
View Related
Dec 23, 2014
I just applied yum updates and then attempted Plesk microupdates on a Mediatemple dv4 VPS running CentOS release 5.11.
I ran the 'up' alias (as I have done many times with success):
alias up='/usr/local/psa/admin/sbin/autoinstaller --select-product-id plesk --select-release-current --reinstall-patch --install-component base'
It halted with:
ERROR: Unable to install the "psa-updates-11.0.9-rhel5.build110140930.15.noarch" package.
The following could cause the installation failure:
1) psa-updates-11.0.9-rhel5.build110140930.15.noarch: No suitable solutions were found for the "sw-engine >= 2.5.2" dependency.
2) sw-engine-2.5.2-201409301549.rhel5.x86_64: No suitable solutions were found for the "libcurl.so.3()(64bit)" dependency.
Here are the RPMS updated just beforehand:
Updated:
bind.x86_64 30:9.3.6-25.P1.el5_11.2 bind-libs.x86_64 30:9.3.6-25.P1.el5_11.2
bind-utils.x86_64 30:9.3.6-25.P1.el5_11.2 kernel-headers.x86_64 0:2.6.18-400.1.1.el5
mysql.x86_64 0:5.5.41-1.el5.remi mysql-bench.x86_64 0:5.5.41-1.el5.remi
mysql-devel.x86_64 0:5.5.41-1.el5.remi mysql-libs.x86_64 0:5.5.41-1.el5.remi
mysql-server.x86_64 0:5.5.41-1.el5.remi nss.x86_64 0:3.16.2.3-1.el5_11
ntp.x86_64 0:4.2.2p1-18.el5.centos php.x86_64 0:5.4.36-1.el5.remi
[Code] .....
View 3 Replies
View Related
Dec 16, 2007
Please give me the difference. Colo in carrier hotel, we can choose our preferred network provider, but should we do that if we cannot have our own tech in datacenter? How about the supporting service from carrier hotel? Just general question, cause I dont address exactly which facility.
And the second would be more expensive? Saying the same number of rack, amount of bandwidth... Who is providing IP addresses then?
View 2 Replies
View Related
Apr 3, 2009
I have a Sonicwall NSA 3500. Does anyone know if you can use it to create bandwidth charts of Network Objects (e.g. IPs or Groups of IPs)?
I am thinking something like Cacti, but I don't know the code to pull that info or if it's even technically possible.
View 1 Replies
View Related
Jan 6, 2008
Anyone know anything about cisco pix 501s? i need help setting one up if anyone can give me a hand.
View 14 Replies
View Related
Jan 13, 2008
I just got a Cisco PIX 501 from my IT Guy for home use and he didn't reset the firewall to default settings so there are ton of old commands in here.
Is there a command I can use to reset the firewall back to the factory default settings?
Or is there anyway I can flash it back to factory default settings?
View 3 Replies
View Related
Apr 19, 2008
I am interested to buy a Cisco ASA firewall. So far I have never played with this gears and I wonder if it is easy to setup.
Is there any software provided by Cisco to setup rules and ACL thru some graphic interface software ?
View 2 Replies
View Related
Jul 29, 2008
which case is more preferred: a shared web hosting service with unlimited space/bandwidth, or a dedicated one with limited space/bandwidth?
View 4 Replies
View Related
Aug 21, 2007
We are looking to replace our existing WatchGuard Firebox's with a hopefully more reliable firewall from Cisco's range although I'm a bit lost when it comes to the different ranges.
Could somebody suggest a firewall that is capable of:
1: Both NAT & Drop-in (bridge) mode
2: Pretty low bandwidth requirements, no more than 10mbit/s traffic
3: SNMP Monitoring
4: High availability pairing
View 6 Replies
View Related
Mar 25, 2009
I am on a tight budget for a Cisco firewall. I am browsing and seeing some affordable options in the x600 series.
Please tell me, which series is best?:
1600
2600
3600
The higher the better?..
Also what about submodels, like is 1650 better than 1600?
And how can I tell how much DRAM each one can take up to?
View 5 Replies
View Related
Apr 22, 2009
I see a lot of DDos related articles here at WHT. We've got hit multiple times by DDos and had to handle those attacks everytime with a different approach.
The largest one and the most well know one (we were in Times Mag, AP news, CNN, slashdot, you name it - just do a search about us on WHT) was Russian botnet cyberattack - we had to anaylyze netflow and then block everything on our edge routers, then on the firewall and then locally on the servers.
Since then we had number of other attacks, some of them we were not able to defend on the server level, while, as you can understand we can't do netwflow and manual intervention evey time somebody gets an attach.
We have very good scripts which allow to mitigate huge number of DDos attack, whet our scripts are finding attacking IPs and blocking them automatically - still some attacks could be blocked only on the router level.
I've read that Cisco Guard (I am interesed in 65xx version of it) suppose to mitigate DDos attacks in automatic mode.
View 14 Replies
View Related
