Firewall For Colocation
Jul 20, 2007
I'm moving from 10 dedicated server to colocation.
Our setup is as follow:
- 2 HP DL365
- san storage based on EMC Ax150i (iscsi) with 6x500Gb sata disks
- 3 D-Link DGS-3024 ethernet switch
- virtualization based on Xen 3.x and RedHat 5 Advanced Platform
- 100Mbps bandwidth from the datacenter and a /24 network subnet
I'm looking for a layer 3 firewall, I'm inetersted in Cisco ASA series 5505 or 5510 models. Someone as experience with this firewall?
View 6 Replies
ADVERTISEMENT
Dec 17, 2008
Do you recommend a software firewall when behind a hardware firewall?
All of our servers are behind Cisco ASA 5505 firewalls which we rent from Liquidweb. All are being managed correctly and setup to there optimal levels. With hardware firewalls firmly in place, do you still recommend a software firewall such as APF or IPTables (we're talking linux); in our opinion we see it as an extra administration overhead. If this is however untrue, we will change out thinking.
View 3 Replies
View Related
Jun 13, 2008
I've found a dedicated server at a great price and plan to stick with it, my first ( already have 2 vps accounts ). I don't have the money for a hardware firewall. However, I do have a chance to renew a Kerio WinRoute Firewall license from way back.
Does anyone think this would be better than the default windows 2003 firewall?
View 1 Replies
View Related
Sep 30, 2006
after install apf firewall whole server blocked to everyone.. i can't get ping back as well. Any idea?
View 2 Replies
View Related
Oct 24, 2009
I'm planning to place some firewalls in my network, but I'm afraid of something.
I have never used cisco pix, checkpoints and others.. We currently use custom made linux solutions for that
When we use these ready-to-go boxes, do we need to NAT the internal server IPs?
Is it possible to use these ready-to-go solutions with REAL IPs in the servers?
Does cPanel work well with NATed internal IPs? Or shall I have some trouble?
Do you think it's safer to with NATed, or it will be better to use real ips instead?
View 4 Replies
View Related
Apr 8, 2009
I was wondering what everyone thinks the best Firewall software is for a dedicated server?
View 7 Replies
View Related
Jun 3, 2009
Im using the latest cPanel release. Using Pure-FTPD as the ftp server. I have CSF Firewall installed and configured and have also got [url]installed. on the dos deflate software ive set the ban limit to 250 connections.
But what my problem is that while downloading on ftp clients with internet that can download very fast that it will ban them. Ive kinda realised that it is to do with the DDos software but im unsure what i should do. Increase the limit of connections but that would mean that more minor Ddos attacks might get through so that would affect more clients. Or leave the limit at 250 and let clients get blocked for 20 minutes.
Or alternatively is there a way i can stop people getting banned via FTP completly. As i dont see that option on the Ddos or csf.
View 8 Replies
View Related
Jan 14, 2009
I´m running the remote desktop service and configuring a remote dedicated server right now.
So, I need to install a firewall in this machine, but I don´t want to be disconnected after the installation.
So, can anyone tell me of a firewall that don´t stop the connection of RDP just after installation and works with Windows 2003 Server?
View 4 Replies
View Related
May 9, 2008
secure a LAN network with 200 computers, a specific hardware solution (like CISCO PIX or so) might not be available.
Though, I'm considering a Firewall OS based Solution like pfSense, m0n0wall, eBox, Endian Firewall, SmoothWall, etc.
There are so many options and I have no experience with none of this. My Requirements are:
Web based configuration
Clean Interface with graphic statistics
Pretty Secure
Good hardware support
Free usage
Simple configuration
Support for high bandwidth usage
I think OpenBSD is pretty secure, is there any OpenBSD Firewall OS solution with this requirements?
View 11 Replies
View Related
Mar 23, 2008
What better firewall to vps?
In my vps not use csf or iptables
Virtuozzo has bug that.
View 7 Replies
View Related
Mar 30, 2008
What do you think of this two firewall? which one is better overall?
View 14 Replies
View Related
Jul 8, 2008
I am looking to setup a Firewall etc... on a VPS and would like to know what is the better one and easy to use etc...
CSF or APF and BFD ?
View 6 Replies
View Related
Feb 6, 2008
know of any hardware firewall (or suggest) which is under 300 USD and can protect around 5 servers with a total bandwidth capacity of 100 (+/-) Mbps. I am really no security expert
Of course, it should have web based management, online documentation (not really needed) and something special for prevent DoS attacks automatically (really fed up of them).
If possible if you can link me directly to an online store that can ship it Internationally / Europe?
View 0 Replies
View Related
Apr 26, 2008
I was having attacks so I installed CSF firewall which did a great job. However on a few of my sites, specifically proxy ones, every second or third page you visit will be a 403 Forbidden error. After about 20-30 seconds, you can refresh and it goes away. I suspect CSF is causing this, because it just started to happen after I installed it. Is it thinking there are too many connections or too much bandwidth and its blocking me or other users just using the proxy? Is there a way to make it slightly more tolerant?
View 3 Replies
View Related
Mar 2, 2007
I am a non technical type that is trying to start a web based business. I am thnking a dedicated server will be the best option for me but as I looked at the quotes from several different web hosts I noticed that the firewall services that they provide are very expensive. 100$ a month - 150$ a month.
Are there other firewall options that can be installed on the server that we as administrators can install and use?
View 11 Replies
View Related
Jun 10, 2007
I have had a fair few hack attempts from ip numbers that are on the same
provider ;telewest' that i am on - is there anyway of getting this takne further other than contacting isp?
Jun 9 21:49:04 mark-scorfields-computer ipfw: 12190 Deny TCP 122.24.44.198:2426 82.39.142.27:135 in via en0
Jun 9 21:49:04 mark-scorfields-computer ipfw: 12190 Deny TCP 122.24.44.198:2426 82.39.142.27:135 in via en0
Jun 9 21:49:04 mark-scorfields-computer ipfw: 12190 Deny TCP 122.24.44.198:2426 82.39.142.27:135 in via en0
Jun 9 21:49:08 mark-scorfields-computer ipfw: 12190 Deny TCP 211.75.135.2:2261 82.39.142.27:135 in via en0
Jun 9 21:49:08 mark-scorfields-computer ipfw: 12190 Deny TCP 211.75.135.2:2261 82.39.142.27:135 in via en0
Jun 9 21:49:08 mark-scorfields-computer ipfw: 12190 Deny TCP 211.75.135.2:2261 82.39.142.27:135 in via en0
Jun 9 21:50:16 mark-scorfields-computer ipfw: 35000 Deny UDP 204.16.209.44:51324 82.39.142.27:1026 in via en0
Jun 9 21:50:16 mark-scorfields-computer ipfw: 35000 Deny UDP 204.16.209.44:51324 82.39.142.27:1026 in via en0
Jun 9 21:50:16 mark-scorfields-computer ipfw: 35000 Deny UDP 204.16.209.44:51324 82.39.142.27:1026 in via en0
Jun 9 21:50:16 mark-scorfields-computer ipfw: 35000 Deny UDP 204.16.209.44:51324 82.39.142.27:1027 in via en0
Jun 9 21:50:16 mark-scorfields-computer ipfw: 35000 Deny UDP 204.16.209.44:51324 82.39.142.27:1027 in via en0
Jun 9 21:50:16 mark-scorfields-computer ipfw: 35000 Deny UDP 204.16.209.44:51324 82.39.142.27:1027 in via en0
Jun 9 21:50:36 mark-scorfields-computer ipfw: 12190 Deny TCP 121.34.113.29:27207 82.39.142.27:135 in via en0
Jun 9 21:50:36 mark-scorfields-computer ipfw: 12190 Deny TCP 121.34.113.29:27207 82.39.142.27:135 in via en0
Jun 9 21:50:36 mark-scorfields-computer ipfw: 12190 Deny TCP 121.34.113.29:27207 82.39.142.27:135 in via en0
Jun 9 21:59:38 mark-scorfields-computer ipfw: 12190 Deny TCP 58.221.225.230:4151 82.39.142.27:135 in via en0
Jun 9 21:59:38 mark-scorfields-computer ipfw: 12190 Deny TCP 58.221.225.230:4151 82.39.142.27:135 in via en0
Jun 9 21:59:38 mark-scorfields-computer ipfw: 12190 Deny TCP 58.221.225.230:4151 82.39.142.27:135 in via en0
Jun 9 22:00:38 mark-scorfields-computer ipfw: 35000 Deny UDP 220.164.140.236:36236 82.39.142.27:1027 in via en0
Jun 9 22:00:38 mark-scorfields-computer ipfw: 35000 Deny UDP 220.164.140.236:36236 82.39.142.27:1027 in via en0
Jun 9 22:00:38 mark-scorfields-computer ipfw: 35000 Deny UDP 220.164.140.236:36236 82.39.142.27:1027 in via en0
Jun 9 22:00:38 mark-scorfields-computer ipfw: 35000 Deny UDP 220.164.140.236:36236 82.39.142.27:1026 in via en0
Jun 9 22:00:38 mark-scorfields-computer ipfw: 35000 Deny UDP 220.164.140.236:36236 82.39.142.27:1026 in via en0
Jun 9 22:00:38 mark-scorfields-computer ipfw: 35000 Deny UDP 220.164.140.236:36236 82.39.142.27:1026 in via en0
Jun 9 22:00:39 mark-scorfields-computer ipfw: 35000 Deny UDP 220.164.140.236:36240 82.39.142.27:1026 in via en0
Jun 9 22:00:39 mark-scorfields-computer ipfw: 35000 Deny UDP 220.164.140.236:36240 82.39.142.27:1026 in via en0
Jun 9 22:00:39 mark-scorfields-computer ipfw: 35000 Deny UDP 220.164.140.236:36240 82.39.142.27:1026 in via en0
Jun 9 22:00:39 mark-scorfields-computer ipfw: 35000 Deny UDP 220.164.140.236:36240 82.39.142.27:1027 in via en0
Jun 9 22:00:39 mark-scorfields-computer ipfw: 35000 Deny UDP 220.164.140.236:36240 82.39.142.27:1027 in via en0
Jun 9 22:00:39 mark-scorfields-computer ipfw: 35000 Deny UDP 220.164.140.236:36240 82.39.142.27:1027 in via en0
Jun 9 22:03:45 mark-scorfields-computer ipfw: 12190 Deny TCP 125.195.44.229:2212 82.39.142.27:135 in via en0
Jun 9 22:03:45 mark-scorfields-computer ipfw: 12190 Deny TCP 125.195.44.229:2212 82.39.142.27:135 in via en0
Jun 9 22:03:45 mark-scorfields-computer ipfw: 12190 Deny TCP 125.195.44.229:2212 82.39.142.27:135 in via en0
Jun 9 22:03:48 mark-scorfields-computer ipfw: 12190 Deny TCP 82.39.189.11:4628 82.39.142.27:2967 in via en0
Jun 9 22:03:48 mark-scorfields-computer ipfw: 12190 Deny TCP 82.39.189.11:4628 82.39.142.27:2967 in via en0
Jun 9 22:03:48 mark-scorfields-computer ipfw: 12190 Deny TCP 82.39.189.11:4628 82.39.142.27:2967 in via en0
Jun 9 22:03:51 mark-scorfields-computer ipfw: 12190 Deny TCP 82.39.189.11:4628 82.39.142.27:2967 in via en0
Jun 9 22:03:51 mark-scorfields-computer ipfw: 12190 Deny TCP 82.39.189.11:4628
View 11 Replies
View Related
Feb 10, 2007
Lately one of my servers have been getting syn floods and ddos attacks (repeatedly for the last 2 weeks). The attacks are not as bad as they were the last 2 weeks, but my software firewall (iptables and csf) is not doing the job anymore. It can't handle such large attacks.
I picked up a netgear firewall, but it has dhcp and lan, which made it have no use to me. All my servers are on static ips, so I would be unable to use a lan.
Is there a firewall available which would allow me to setup something like this (Server 1 is the one getting attacked):
Internet ---> Firewall ---> 48 Port Switch ---> Server 1, Server 2, and so on
or
Internet ---> 48 Port Switch ---> Firewall ---> Server 1
Other servers come off the Switch
I saw the Cisco Pix on ebay, but am not sure of all the features it holds. I basically need a firewall without any lan capaibilites, no routing, just a plain firewall that will protect from DDoS and Syn Floods (if possible, also email me the logs). Also needs to push up to 20Mbps (100Mbps would be best though).
I looked into m0n0wall and pfsense, but their software didn't make any sense to me. I tried setting it up on a PIII 700Mhz with 768MB Ram but never got the webConfig to work.
Price is not a huge issue, I just need these attacks to end. any suggestions on software firewalls let me know.
View 14 Replies
View Related
Oct 22, 2007
Which is the best firewall in linux unix servers..................
View 4 Replies
View Related
Mar 7, 2007
I have a client who requires a firewall with VPN support. He will be utilizing around 10mbit of traffic at most. What would be a suggested firewall to go with that would properly handle vpn?
View 10 Replies
View Related
Oct 4, 2009
Is there a "premium" for colocation space in cabinets which are taller than 42U? I'm putting some cabinets into a datacenter cage, which I will lease to 3rd parties as colocation cabinets, and there is plenty of height below the ceiling (about 290 cm). I could put in 42U cabinets, but I could go taller, up to about 48U.
The cabinets will have about 10 kW delivered to them (8 kW usable per cabinet), but the UPS is sized for an average load of 5 kW per cabinet. Cabinet depth is 1200 mm. There will be cable tray 10 cm above the cabinet.
If you were going to colo 5 kW of equipment (average) per cabinet, would 48U cabinets have value to you over 42U high cabinets?
View 3 Replies
View Related
Jan 20, 2009
I found a couple of phrases mentioning them here on WHT, both praising and negative. Can't make up my mind.
View 2 Replies
View Related
Aug 23, 2009
I'm soon going to purchasing a rack server from Dell, and have been looking into the options of basing it within the UK, as it seems best.
I've looked into the Rapid switch data centre in Berkshire, aswell as Blue square in Maidenhead.
View 12 Replies
View Related
Jun 13, 2009
I'm with is looking to colo 2 x 1RU servers in the US, so looking for suitable colo facilities.
We definitely want to buy, own and manage the servers ourselves, so we're after colo & bandwidth, not server rental.
As we're new to colo in the US, any advice or recommendations would be greatly appreciated.
Servers will be 2 x quad core CPU, 8GB RAM, 2 x SAS HDDs, 1 x PSU, so we'll obviously need a facility able to provide the required power at a reasonable cost.
We'll need 4 network points, 2 for each server (1 Internet, 1 LOM).
Bandwidth wise, we're expecting to start with low demand, but grow steadily over the next two to three years.
Ideally we're after flat rate bandwidth in the order of 512Kbps - 2 Mbps, aggregated across the network points, with no excess usage charges.
95th percentile billing is also an option, but less preferred - we'd much rather know we have a fixed monthly OpEx, instead of the unpleasant surprise of a large excess bandwidth bill!
We're happy to look at other bandwidth options, so long as they provide a fixed monthly cost, and let us scale at a reasonable price, as we need it.
We'll like a /28 of IP space - 8-10 usable, but may be able to get away with a /29 if it's the make or break decision.
View 14 Replies
View Related
Sep 17, 2009
I am looking to colo a 1U server in a DC in North Carolina. I would need a 10Mbit line un-metered or a metered 100mbit.
I could negotiate on the bandwidth if its not possible in NC .
I have been researching for a while and the DCs here are very very expensive so far...
View 13 Replies
View Related
Oct 9, 2009
I've recently acquired a 1U rack mount server from eBay. I believe it kicks some butt...and now I am thinking about looking for a colocation provider to host it for me.
It's for my own websites, not web hosting or storage. I don't need any sophisticated control panel, as I've pretty much made my own. I only need enough IP addresses to have my own name servers and one for all of my websites (I don't need each site to have a unique IP). I don't need any management help as I can manage my own servers. A simple data center control panel with the ability to hard reboot my server would be nice.
However, if the provider charges anything above $70-$80, I can just rent a dedicated server for around the same price. I know the dedicated server would not have the same features and hardware as my server, but if I'm providing the server, why should I be charged the same amount as if they were providing me with a server?
View 4 Replies
View Related
Apr 22, 2008
I'm trying to figure out my whole DNS situation now that I switched over to colocation. I have 2 servers, one hosts multiple sites and the other is just a backup.
I'm not sure what to do with DNS hosting. I could either host my DNS on both the servers (ns1,ns2 main server ns3,ns4 backup server). Does this mean if the main server goes down (ns1,ns2) it'll start using ns2,ns3? If so, can I just have ns2,ns3 point to my backup server IPs and traffic will just resume on the backup of the main server goes down?
If I go with a service like DNSMadeEasy.com, can I just point my main domain's name servers to ns1.dnsmadeeasy.com, ns2, ns3, etc.. and then point all my other domain's name servers back to my main domain OR would I have to point all my individual domains to dnsmadeeasy's name servers?
View 2 Replies
View Related
Jan 8, 2008
I have several servers on datacenters.
I was wondering, I always did, that is would be so much nicer to own the hardware. I looked for colocation prices in the past but the prices where allot higher then to rent from a datacenter.
Is this really so?
Is best to buy the hardware and send it to a colocation service or to rent a specific harware.
The colocation prices are normally per Mbit, that means there is not montly GB limits, you can go as fast a the switch allows?
How can you test if you are really getting the speed, any guarantee.
Also what happens if a hard disk fails? Do you have to buy one on overnight and send it to the datacenter? They will charge you for installation i suppose.
View 14 Replies
View Related
Jul 1, 2008
We are looking for reviews of colocation companies offering quarter racks at BlueSquare, or another data centre in the south of England. We are based in Dorset and as far as we can tell the nearest data centres are in Bournemouth (not open yet), Southampton (don't know too much about those) and Maidenhead (BlueSquare, where we currently colocate a couple of 1U servers).
Companies we have been considering are connexions4london, a1isp and netrino but we are a bit short on information about their reputations. Reliability is the single most important thing to us, we are not necessarily looking for the cheapest, but for somebody with a good history of service level.
Can anybody tell us about their experiences with any of these companies? I heard about some trouble with Netrino last year but nothing recent, and also a that a1isp use netrino, can anybody confirm or deny that? We have also spoken extensively with connexions4london but we would have to sign up for at least a year - which we would be happy to do if we knew their service was great.
View 8 Replies
View Related
Jan 29, 2007
I have a few questions which I'd like answered if possible.
Firstly, I understand 1U is the space in the rank etc etc -- my question is, does one server usually fill up one 1U?
What is meant by premium bandwidth? is that a type of bandwidth charge? is there any other types?
What is meant by 5mbps?
View 14 Replies
View Related
Jun 7, 2008
could anyone explain to me what colocation is?
View 2 Replies
View Related
Jul 14, 2007
with a decent article as to what colocation is? I have been looking and havn't been able to determine it. I'm trying to do some research as to why my web host is being .... difficult.
View 1 Replies
View Related
