Search squid archive

Re: [squid-users] Recommended Hardware for my setup

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 6/10/05, Jason Williams <jwilliams@xxxxxxxxxxxxxxxxxxxx> wrote:
> Kevin wrote:
> 
> >Your choice of hardware will be dictated to a great extent by your choice
> >of operating system, and might also be influenced by your budget and
> >your employer -- in my case, corporate purchasing mandates that we
> >we buy from Dell, so I use the Dell PE1850 for "smaller" critical boxes.
> >
> >
> Very good point. I left that out by mistake.
> My first two choices for OS would be FreeBSD or OpenBSD. I am very
> familiar with both and run a few of them on our company network doing a
> variety of tasks
> 
> >With just 70 employees, even the lowly PE750 would be overkill.
> >
> Just saw that one on dell. Starts at about $550. Comes with 256mb RAM.
> Suggestion to upgrade more? Maybe 512 at the least, 1gb at best?
> CPU is fine. Single 40gb SATA drive. should be sufficient.

There's one nasty problem with the PE750 and OpenBSD -- if you go with
the SATA drives, the onboard controller is not supported in DMA mode,
so you would need to put a supported PCI controller in one of the two slots.

The embedded Intel 'em' controllers available on most Dell machines are
good gigabit Ethernet controllers.  The Broadcom 'bge' NICs found on a
few Dell products are less well regarded.


> >My first recommendation for the "corporate world" is to plan on purchasing
> >two identical machines and operate either behind a load-balancer or with
> >a reliable failover solution -- if you use Proxy Automatic Configuration (PAC)
> >instead of transparent proxy, you can even have the clients themselves do
> >both load-balancing and failover in the PAC script.
> >
> Yes. That is what I originally had in mind. Assuming I have the budget
> to buy two machines (hopefully I do), i would doing something very similar.

I'd almost go so far as to say it'd be better to purchase and deploy two cheap
Squid servers than one really good one :)


> >You mentioned the number of employees, but not the available bandwidth
> >or the current average and peak traffic volumes for desktop web browsing.
> >
> Well, we have a T-1 currently. One of my current tasks is to measure our
> bandwidth usage. It definitely needs to be cutback. The CEO was very
> nice in letting users "surf" freely for awhle. However, after a recent
> nasty incident, the door will slam shut on that very soon. Hence, the
> "go ahead" on my long awaited squid proxy server.

You'd be hard pressed to find a server which isn't up to saturating a T1.

> Is there another plugin of some sort that works in conjunction with
> squid for web content filtering? I've come across another one called
> http://www.safesquid.com

This is the first I've seen of this product.  Interesting, and cheap.


> I really need some type of addition to squid to filter out crap and
> ensure it doesn't get on my users computers (spyware...). Since most of
> our vendors websites use only IE, I am unable to switch others to
> something like Firefox. So, im stuck

I stop the most annoying spyware with a combination of router ACLs
and blocking the spyware domains in my caching nameserver.

You can address a subset of spyware by upgrading your desktop AV
(Symantec, McAfee, etc) to add their host-based spyware protection.


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux