Educause Security Discussion mailing list archives
Re: Firewall Vendors
From: "Tornoe, Eric J." <EJTORNOE () STTHOMAS EDU>
Date: Thu, 30 Oct 2014 20:14:32 +0000
Thanks Dennis, I’ll look into that. Our shaping needs are very minimal, such as swapping admin and dorm bandwidth during peak usage times for each so we are fairly confident the Palo will cover our needs. We recently implemented PeerApp, which caches Netflix and Amazon Prime Video, Windows and IOS updates, etc. and serves the content from the local network to take the load off the Internet pipe. This has effectively returned about 100Mbps of bandwidth. We run an average of 25% served from cache and occasionally we are serving more from the PeerApp than we are from the Internet. It nicely evens out the hit from things like the recent IOS 8 update because after the first three downloads the rest come from the local cache. You could see this in the PeerApp charts for 2-3 days after the release on September 17th with noticeably higher “served from cache” numbers. Eric From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Dennis Bohn Sent: Thursday, October 30, 2014 12:08 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Firewall Vendors HI Eric, Since you again mentioned bandwidth shaping, I wanted to let you know that we are pretty pleased with Net Equalizer. It's best feature is that most of the time it does no shaping :-) Until it is approaching a preset bandwidth threshold, and then throttles back the users with the highest number of flows/most bandwidth. A few times a week I get an email that it has kicked into shaping, but most of the time it just sits there. This does not have the precise reports of who is using what L7 protocol, but we stopped caring until there is a problem, and other tools work then. best, dennis Dennis Bohn Manager of Network and Systems Adelphi University bohn () adelphi edu<mailto:bohn () adelphi edu> 5168773327 On Thu, Oct 30, 2014 at 11:53 AM, Tornoe, Eric J. <EJTORNOE () stthomas edu<mailto:EJTORNOE () stthomas edu>> wrote: We are considering a pair of PA 5060’s and it is good to hear that everyone who has them has had a positive experience. It sounds like the PA would also meet our needs for P2P blocking and minimal bandwidth shaping, allowing us to eliminate our PacketShaper. We would plan to roll training into the initial purchase, which would be provided by our reseller. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>] On Behalf Of Michael Horne Sent: Thursday, October 30, 2014 10:30 AM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: Re: [SECURITY] Firewall Vendors +1 for PaloAlto’s I really love these things compared to the older checkpoints we had running prior. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of King, Ronald A. Sent: Wednesday, October 29, 2014 5:59 PM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: Re: [SECURITY] Firewall Vendors Palo Alto Networks. We have had a pair of their next generation PA 5050s and have been very happy with them. Got a Phish (email)? Forward it to abuse () nsu edu<mailto:abuse () nsu edu>! Ronald King, CISSP Interim CISO & Technical Services Director Norfolk State University http://security.nsu.edu<http://security.nsu.edu/> From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Kubb, Richard Sent: Wednesday, October 29, 2014 5:55 PM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] Firewall Vendors Greetings, At Maryville we currently use a Sonicwall firewall that is rapidly reaching end of life and are starting to explore alternative vendors. Curious which vendors and models others are using for your firewall solution. We also use Packetshaper as part of our solution and we would consider a single firewall device and eliminate the use of Packetshaper if we can find the right solution. Regards, Rick. Rick Kubb Director of Technology Services Maryville University 314-529-9606<tel:314-529-9606> Gander Hall, Room 215 rkubb () maryville edu<mailto:rkubb () maryville edu>
Current thread:
- Re: Firewall Vendors, (continued)
- Re: Firewall Vendors T. Shayne Ghere (Oct 29)
- Re: Firewall Vendors Rich Graves (Oct 29)
- Re: Firewall Vendors Jason Cook (Oct 29)
- Re: Firewall Vendors King, Ronald A. (Oct 30)
- Re: Firewall Vendors Ben Parker (Oct 30)
- Re: Firewall Vendors Jason Cook (Oct 29)
- Re: Firewall Vendors David Escalante (Oct 30)
- Re: Firewall Vendors Michael Horne (Oct 30)
- Re: Firewall Vendors Tornoe, Eric J. (Oct 30)
- Re: Firewall Vendors Dennis Bohn (Oct 30)
- Re: Firewall Vendors Tornoe, Eric J. (Oct 30)
- Re: Firewall Vendors Brian Helman (Nov 06)
- Re: Firewall Vendors Tornoe, Eric J. (Nov 14)
- Re: Firewall Vendors Dexter Caldwell (Nov 12)
- Re: Firewall Vendors Tornoe, Eric J. (Nov 14)
- Re: Firewall Vendors Jeremy Kurtz (Oct 29)
- Re: Firewall Vendors Bob Williamson (Oct 30)