[KLUG Members] choice of i-filter/firewall/squid box

[Adam Tauno Williams]

> > I am asking for some guidance on a choice of /firewall/squid/& internet
> > filtering/ for a small school lab environment.  There is already a Windows
> > 2000 server and a separate Printserver locked in place, along with WinNT
> > boxes for teacher access.
> Firewalls: take your pick. There are lots of them. IPCop, Devil Linux,
> etc.

Yep,  I like 'solid state' firewalls.  That is ones with no moving parts, as
your firewall is a really critical part of the system.  You can do that with
Devil Linux, floppyfw, etc...  Not a really big IPCop fan.  Use any reliable
box and make the firewall the firewall and absolutely nothing else.

> Caching: squid is what you want.

Yep.

How many users are we talking?  10, 100, 500, 1000, ....  You need to size your
Squid box, although for anything less than like 200 users just about any
hardware should be fine.

> > There have been many positive responses with a tryout of an LTSP & thin
> > client setup.  Now there is a requirement to install a box between the
> > broadband cable modem and the rest of the school's internal LAN to filter
> > Internet access.
> You could do this on one box, but I like to seperate the duties. One
> firewall server and one caching server. But that's just me. Others think
> differently.

Right, (1) firewall, (1) proxy, + other servers.

> Depending on your anticipated usage, say more than 10 users, I would
> discourage you from putting the caching services on an LTSP server.
> Again, I like to seperate that stuff out. 

It is easier to maintain/upgrade seperate.

> FWIW, rumor has it that one of the Devil Linux dudes is on this list. ;)

Yep, thats Bruce, our site-master.

> > John S., KLUG supporting member.

Supporting Members RULE!!!!