Firewall/router For VPS Host Server
Jan 30, 2008
we had 2 Xen serverers in colohouse, each with 30 IPs yet.
Now we are going to purchase third server and started to think about renting small rack and putting own firewall infront of the servers.
Actual bandwidth is 5Mbits for both servers together.
We are thinking about to have something like this:
Colohouse-->Firewall<-->switch<--->Xen server(s)
With scenario we would like to add:
1) traffic monitoring per IP
2) traffic shapping per IP
3) firewalling whole segment of our public IPs
FW will get single IP and range of public IPs routed to that IP
4) be able to put one public IP for VPS on to any Xen server
What firewall and switch you will recommend for this scenario?
View 0 Replies
ADVERTISEMENT
Feb 22, 2008
I have seen these 2 OS that should work as router/firewall, but are they worth enything?
View 14 Replies
View Related
Oct 31, 2007
I am about to design my company network.
The network will be designed like : we have 3 providers of IP transit, one will be the main network while the two other will feed the first network and manage a highly available network, probably using protocols like BGP4 and OSPF.
The current size of each fiber is 45 Mbit/s per operator. So I am looking for :
A router :
- able to handle each provider with up to 200 MBit/s in/output
- able to support protocol such as BGP4 or OSPF
- able to output snmp for monitoring
- have a little intuitive GUI for basic operations and have a real routing OS (like IOS or JunOS)
- is branded and warrantly (a plus would be hardware extensible)
- not too big box, something between 1 and 6U
A firewall :
- able to handle ALL the traffic to all carrier
- able to work as a SPF (drop all, allow only what I want, very accurate rules)
- have a little intuitive GUI for basic operations
- not too big box, something between 1 and 6U
About brand, most probably about Cisco, Juniper, Extreme or some good brand.
Which model would you advice me as router and which as firewall ? The price is not the main proccupation until it will do job just fine, but I would prefer to don't buy too expensive also.
View 5 Replies
View Related
Nov 10, 2008
I run a small datacenter, and we are migrating from Cisco to Linux based routers.
This routers should run a firewall, DDOS mitigation rules, CBQ bandwidth limitation, etc..
I know how to mitigate DDOS using tcpdump, also I know how to route..
I just need some advice about the firewall, stopping basic DDOS, fragmented packets, etc..
Should I use APF firewall in this case? Is there a good IPTABLES set of rules I could use?
I'm giving up from Ciscos, as I just discovered there are some UDP packets that can easily break them. I tested it last night, and that was it, nothing secure A few traffic (bogus UDP packets) and the router was down for a few minutes.
View 5 Replies
View Related
May 22, 2008
I would like to thank in advance to anyone who shares his knowledge or experience here.
I am trying to find a firewall with some routing capability. Since I expect to have Gbps transfer in the near future, I don't think I can find a solid commercial hardware firewall within my low budget. That's why I am looking at software products.
I would need firewall functions(ability to prevent DDoS attacks is desirable) and basic routing functions (dynamic routing and BGP is desirable but not necessary at the moment).
Stage 1 environment:
20Mbps from provider P;
100Mbps from provider C;
35 servers for budget dedicated, mainly web servers;
*I have a question in mind that, can I have my network setup that incoming from both provider P and C but outgoing through C only? Is static routing able to do that?
Expected stage 2 environment:
40 ~ 60Mbps from provider P;
100 ~ 200 Mbps from provider C;
70 ~150 servers, mainly web servers;
Currently I am looking at Vyatta, Untangle and Endian. Can someone give some comments on these software or any others that might be suitable for me?
View 14 Replies
View Related
May 13, 2008
I've been using dedicated hosting in places like the planet and rackspace for a long time now, but we're about to purchase a rack in a local data facility. This is my first time setting up a rack environment, so I have a bunch of questions.
They'll be giving me an ethernet drop into the cabinet. I have to take it from there. I'm thinking I needed a router/firewall. Am I right? Can those be a single device? Should they be? Which models would you recommend? (We're still a small operation, we don't usually push more than 1Mbps bandwidth).
View 9 Replies
View Related
May 3, 2008
I am in the process of gathering the peices to move from a dedicated box to my own hardware in a local colo and am undecided how best to choose the edge device.
The colo has a 30Mb pipe with about 10Mb of it being constantly used during biz hours. Another 10Mb is being allocated in the next couple of months. I want to be able to burst to the full 30Mb when needed.
I am getting 12 IP's allocated but will increase to 24 soon if all goes well (fingers crossed!).
I will have for starters just a single Proliant running dnp on 2008 with IIS, FTP, Mail, ns1 and a 2003 VM running my secondary ns.
What I am unsure of is the edge device and looking for others that have used either a 2800 series router or a ASA5500 series firewall in a similiar fashion. I know what the raw throughput of each device is, but raw benchmarks are not realworld numbers by any means.
I am looking at the 2801 with IOS Firewall turned on and hopefully even some inspects for FTP and HTTP traffic. The other option and one that I am less familiar with is to use the ASA5505 instead which will do my basic routing but supposedly provide more thourough inspects and advanced rules.
Does anyone have experiance with either of these in a hosting environment and have input on the realistic throughput one can expect from either device?
There is a signifigant cost difference with the ASA5505 being much cheaper but I am more familiar with IOS. Would anyone recommend a 1841 router instead?
View 6 Replies
View Related
Mar 4, 2008
i'm using ddwrt for firmware on my router.
mainly because of dhcp static leasing of ip addresses,
and the amount of torrents i download don't bother the router unlike the older firmware.
my problem is:
REMOTE_ADDR
HTTP_X_FORWARDED_FOR
X-Forwarded-For
are all returning my ip of my router: 192.168.1.1
i'm wondering what i can do to fix this.
even setting as dmz i don't get the correct ip.
I'm pretty sure i had this working with my previous firmware several years back... its been a while since i've setup my site again.
neways if any one can suggest debugging tips or suggest routes i can take to accomplish what i'm doing.
i'm thinking if this doesn't work is i plan on purchasing a secondary nic to create a gateway.
View 3 Replies
View Related
Dec 17, 2008
Do you recommend a software firewall when behind a hardware firewall?
All of our servers are behind Cisco ASA 5505 firewalls which we rent from Liquidweb. All are being managed correctly and setup to there optimal levels. With hardware firewalls firmly in place, do you still recommend a software firewall such as APF or IPTables (we're talking linux); in our opinion we see it as an extra administration overhead. If this is however untrue, we will change out thinking.
View 3 Replies
View Related
Jul 21, 2009
How do you modify a server's firewall? We have a dedicated server with WHM installed and it appears we can't get into mail.domain.com because of a firewall setting (our host disabled the firewall and it worked fine, then of course put it back up).
View 6 Replies
View Related
Jun 26, 2008
which is the better apf or csf for more security
View 7 Replies
View Related
May 29, 2008
I want to install APF firewall on my vps server.
My server is OpenVZ based with hypervm.
But i dont know wich port used by hypervm and lxadmin and must be open in firewall.
View 5 Replies
View Related
Oct 26, 2009
I'm looking to colo 5 servers, 3 app servers, 1 db, 1 backup/sparedb. I am looking for something to provide a bit of protection in, and it seems like the ASA5505 is a good firewall, but I was wondering if anyone had any other recommendations?
I probably won't need ridiculous features, I wish it had gigE ports (I need to get a separate gigE switch for now, just for internal transfers+backups).
Is there anything else that might be a little cheaper, or do I need to upgrade to the 5510? Myself and one other person are the only people who would be VPNing to the internal server cluster, so we don't need massive connection rights.
I do not think I will be pushing 100mbits of data transfer, so I'm not worried about the throughput of the server.
View 14 Replies
View Related
Apr 18, 2005
What's the best firewall to use on a dedicated server? Maybe something free, or at a low cost - it's a necessary expense after all.
View 6 Replies
View Related
Nov 18, 2006
So I requested a total of 5 to 6 times for a reboot from my DC. Whenever I try to start my AFP firewall, it just hang my server. Even after I reinstall AFP and start it, it still hang my server! Is there any log file where I can keep track of the problem?
View 14 Replies
View Related
Oct 2, 2008
We have a Dell 1950 server with WinServer 2003 which is at the moment unprotected and exposing our entire network to the internet. At the moment we don't have a hardware firewall and want to install a software firewall in the meantime for ACL. We could use the default firewall that comes with the server but apparently that's easy to exploit. I tried one called Kerio, however this particular firewall can't be configured from RDP because it needs to be active in order to input the IPs for it to allow. Any suggestions on a software based firewall solution that's easy to install and manage remotely?
View 3 Replies
View Related
Jun 25, 2009
i have just installed Config server firewall on a linux server
i need to enable some ports, how can i do that?
View 3 Replies
View Related
Jun 3, 2008
In your opinion what is the best firewall to use on a dedicated server that is running directadmin?
View 6 Replies
View Related
Jun 13, 2008
I've found a dedicated server at a great price and plan to stick with it, my first ( already have 2 vps accounts ). I don't have the money for a hardware firewall. However, I do have a chance to renew a Kerio WinRoute Firewall license from way back.
Does anyone think this would be better than the default windows 2003 firewall?
View 1 Replies
View Related
Aug 25, 2005
A firewall will run me another $100. Is it worth it? Do any of you run a Windows server w/o a firewall.
View 3 Replies
View Related
Jul 7, 2008
I'm getting a server at softlayer, and I am curious, do I need to setup any sort of security on the box like a firewall?
Or is the default install safe enough?
View 5 Replies
View Related
Dec 15, 2007
Hi,
can you please tell me how i can clear the firewall in my linux box?
It's CentOS but i'm not sure what type of firewall is installed on my box.
Hpe to get response soon,
toby
View 10 Replies
View Related
Nov 5, 2008
Questions About Self-Managed Dedicated Server
View 11 Replies
View Related
Jan 20, 2008
I have a server with Windows Server 2003 and for some days alguian is trying to enter using terminal server.
How I can block the ip of the attacker?
What firewall you recommend me to install in the server?
View 3 Replies
View Related
Apr 26, 2007
can anyone recommend firewall software for Windows 2003 Server. I'm aware it has a firewall on board, but this one doesn't allow me to specific access to specific IP address on the server, which are configured on a single adapter.
Also, I've looked into IPsec, which is my backup solution if I cannot find a decent firewall. Unfortunately, IPsec is kind of restrictive and not particularly stateful.
I'm looking for a simple firewall, which is not too expensive. This is only for one simple server.
View 6 Replies
View Related
Jun 1, 2007
I just uninstall apf and install csf firewall on 4 servers
There is a problem after that. 2 of the server actually was OFFLINE by 12 midnight sharp yesterday night. This is the second time (second day) it happens.
I went into the datacenter and
#ping yahoo.com
*Host not found*
#service csf stop
#ping yahoo.com
*Responding*
So how is this related to eth0 making my server offline by itself? Was it Iptable problem or Csf problem? or Kernel problem?
View 7 Replies
View Related
Mar 1, 2007
I have Windows 2003 Server on my dedicated server...
PLESK 8.1
When I go into the Control Panel -> Windows Firewall.
It won't allow me to open Windows Firewall to configure it.
I get the following error....
"due to unidentified problem windows cannot display Windows Firewall settings".
I have checked PLESKs control panel. And there does not seem to be a service in there for Windows firewall.
My Host suppose to have contacted PLESK about this problem but they are taking far to long to resolve the issue.
View 14 Replies
View Related
Aug 19, 2007
We are looking for good firewall and HIDS for our windows server
View 3 Replies
View Related
Jul 15, 2009
I heard that CSF firewall will block the ips but still its useful to install? or is there any other method to stop to automatically block the ips from csf? Just want to know about it.
View 14 Replies
View Related
Oct 25, 2009
I have set up a Plesk Windows server behind a CISCO PIX 501 firewall and since then am not able to upgrade Plesk to the latest version. It cannot connect to the Plesk Update server. which port do I need to open and whether it will be inbound or outbound?
View 14 Replies
View Related
Aug 17, 2007
which Firewall software is the best for Windows 2003 Server?
View 2 Replies
View Related
