Firewall Wizards mailing list archives
Re: Transparent proxying
From: Luke Butcher <luke.butcher () alphawest com au>
Date: Fri, 13 Feb 2004 08:57:05 +1100
Hi jm, On Thu, 2004-02-12 at 14:55, jm wrote:
I'm trying to enable transparent proxying from a router or from a L3/4 switch and after a day spent on Cisco, Extreme Networks and other Enterasys website I'm still completely clueless as to whether I need a $1,000 or a $15,000 box. Since obviously I would prefer the former, I'm relying on your advices.
You're going to need a L4+ type device, don't think you're going to be able to do it in a Standard Cisco Router. As for the type of device I know the old Alteon Ace Director 3's could do it. I think the current line of Alteon/Nortel that does the job is the Alteon Content Cache. I haven't personally tested this box, but previous Alteon stuff I used was bulletproof. In Cisco range you are looking at the content routers/engines. Smallest one here is the Cisco 500 Content Engine. It should do the job for you for basic proxying and small traffic loads. The other box I'd recommend looking at is the f5 BigIP stuff. These can do transparent proxying as well as much more. They tend to be more on the pricey side however.
In addition I need the router/switch to be remotely configurable from
my proxy server. I am a little confused by this. When you say remotely configurable do you mean just manage it from the proxy server? This should just be a matter of allowing ssh or https through any firewalls/ACLs between the "transparent proxy" and your proxy server. If you're talking about some sort of automatic configuration by your proxy server this is a much harder concept and would need further details. Disclaimer: Alphawest is a reseller of all these devices however the opinions expressed are my own experiences with the above devices. Luke Butcher Network/Security Consultant www.alphawest.com.au Alphawest Disclaimer --------------------------------------------------------------------------- If this communication is not intended for you and you are not an authorised recipient of this email you are prohibited by law from dealing with or relying on the email or any file attachments. This prohibition includes reading, printing, copying, re-transmitting, disseminating, storing or in any other way dealing or acting in reliance on the information. If you have received this email in error, we request you contact Alphawest immediately by returning the email to postmaster () alphawest com au and destroy the original. This email is confidential and may contain privileged client information. Alphawest has taken reasonable steps to ensure the accuracy and integrity of all its communications, including electronic communications, but accepts no liability for materials transmitted. --------------------------------------------------------------------------- _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Vlan's as effective security measures? Ware, Larry (Feb 09)
- Re: Vlan's as effective security measures? John Hall (Feb 09)
- Re: Vlan's as effective security measures? avraham shir-el (arthur sherman) (Feb 11)
- Re: Vlan's as effective security measures? John Hall (Feb 12)
- Re: Vlan's as effective security measures? Daniel Linder (Feb 12)
- Transparent proxying jm (Feb 12)
- Re: Transparent proxying Luke Butcher (Feb 12)
- Re: Transparent proxying kaptain (Feb 12)
- Re: Transparent proxying Ng Pheng Siong (Feb 13)
- Re: Vlan's as effective security measures? avraham shir-el (arthur sherman) (Feb 11)
- Re: Vlan's as effective security measures? John Hall (Feb 09)
- <Possible follow-ups>
- RE: Vlan's as effective security measures? Melson, Paul (Feb 10)
- Re: Vlan's as effective security measures? Brian Ford (Feb 12)
- Re: Re: Vlan's as effective security measures? Brian Ford (Feb 12)
- Re: Vlan's as effective security measures? Todd Joseph (Feb 13)
- Re: Vlan's as effective security measures? Brian Ford (Feb 16)
- Re: Vlan's as effective security measures? Todd Joseph (Feb 13)
- RE: Re: Vlan's as effective security measures? hugh_fraser (Feb 16)
- Re: Vlan's as effective security measures? Jeremiah Cornelius (Feb 20)
- RE: Re: Vlan's as effective security measures? Brian Ford (Feb 16)