[nflug] Firewalls
Robert Meyer
meyer_rm at yahoo.com
Tue Nov 20 11:24:40 EST 2007
OK, my turn to ask a question. I have a situation where our firewall (seven or more years old) is no longer supported and it has been losing connections on any box that I upgrade to a 2.6 kernel from a 2.4. I have Netscreen 100 firewalls and can't even get firmware updates.
So, the question that I post to the group:
I have a fairly fast Internet connection to Vaspian. I have an environment with 30+ servers and less than 10 workstations that need to be connected. I need to be able to have the web servers (about 6 for the moment) accessible on the Internet but I have to be able to use stateful NAT to be able to have the firewall point to several web servers for a single IP address for load balancing, etc. If the firewall did some monitoring to determine that a web server has failed and can remove it from the pool, that would be a bonus.
I intend to start monitoring the servers with Nagios so maybe Nagios could be used to control the web server pools.
I have actually thought about building a Linux firewall to do all of this, using shorewall but I don't know about the server pool thing. I haven't researched that at all.
So, I'm soliciting opinions. I need to know as many options as I can so that I can make an intelligent decision on this. Note that we're expecting significant growth in our traffic, here. As always, cheaper is better.
Thanks...
Cheers!
Bob
____________________________________________________________________________________
Be a better pen pal.
Text or chat with friends inside Yahoo! Mail. See how. http://overview.mail.yahoo.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.nflug.org/pipermail/nflug/attachments/20071120/6e1edfd4/attachment.html
More information about the nflug
mailing list