-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Most of the time we run into bandwidth bottlenecks long before the hardware limits us, especially with VPNs.
Additionally, the larger the client the more restrictive the internet access tends to be. For instance our largest client does not allow any direct access to the internet. All access is via the on site mail server and proxy (essentially all access is by proxy). Consequently in my experience the hardware is rarely a limiting factor. Finally, for site to site VPNs, we use WAN accelerators (we have been very happy with the Riverbed appliances). They cut the bandwidth used, sometimes by a large percent. So, just like commercial products, IPCop can scale (to a point) but in the larger/more complex environments it is best though of as a component in a larger puzzle. I have single role deployments of IPCop, such as a proxy or VPN server in combination with a different border solution. Kevin Anderson wrote: > Snort will need as much processor and RAM as you can throw at it, > particularly if you're snorting in both directions. > > A P3-1000 with 512 Megs of RAM will easily meet a corporate office's > needs for say 50 users. Where you need more is: > 1) Snort. (Plan that this will increase the load by *10) (yes, I'm > serious). > 2) VPNs. I'd say add an extra 50 MHz and 64 Megs RAM per concurrent > connection.. > > With a really busy connection you will not find enough processing power > to handle Snort in both directions. Period. My suggestions for VPNs > are likely on the high side, but better safe than sorry, I come from a > corporate environment, not home use. We were never able to find enough > processing power to use Snort in our environment, not even in 1 > direction. That was prior to the Dual Cores however. Also we connected > 5 offices via VPNs, totaling about 130 people. All traffic on our e10 > passed through that box. We bursted occasionally, but never really > filled the full 10 megs to capacity for any length of time. > > Kev. > > -----Original Message----- > From: Neil Bower [mailto:[EMAIL PROTECTED] > Sent: Saturday, July 28, 2007 1:42 PM > To: [email protected] > Subject: [clug-talk] IPcop Usage > > I'm looking for feedback from people using IPcop to get a comparision of > the differences in usage. > > What hardware specs are you using for IPcop? (ie processor specs and > amount of > memory) > > If you are using additional modules or add-ons to the base install, what > are they? > > How much memory is your system using including swap? > > What is your basic usage for this box? (ie home network, small office, > large office, supporting mail, web sites, number of users, etc.) > > I have an Intel 1.60GHz with 256Mb of memory plus 32Mb of swap. Running > a base install with snort, I'm using about 200Mb of memory. This box is > for personal use - no web services, no e-mail, etc. > > Any feedback is welcomed. > > Cheers! > > Neil B. > > _______________________________________________ > clug-talk mailing list > [email protected] > http://clug.ca/mailman/listinfo/clug-talk_clug.ca > Mailing List Guidelines (http://clug.ca/ml_guidelines.php) > **Please remove these lines when replying > > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGr1gNwRXgH3rKGfMRAnMGAJ9G/w7T5mAGhSZvddmcnE/kKRQppwCgqwYv ZsRtOrX6MgMAYR7lkJxWHcI= =T7Kv -----END PGP SIGNATURE----- _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
