|
/
Zope
/
Apsis
/
Pound Mailing List
/
Archive
/
2004
/
2004-01
/
pre-installed Pound
[
ssl-headers - public cert / "listor" ... ]
[
Some comments on Pound / "listor" ... ]
pre-installed Pound
Robert Segall <roseg(at)apsis.ch> |
2004-01-22 08:48:55 |
[ FULL ]
|
Given the number of queries we get about installing Pound I talked to
our management and they agreed to look into the possibility of offering
Pound pre-installed on some hardware.
Basically I am thinking about two possibilities:
- Pound + OpenBSD on our ASD2v hardware - http://www.apsis.ch/asd2v.html
The ASD2v is a small box with no moving parts (fan-less power supply,
FLASH disk). Given that this is based on a NS2 at 300MHz such a
configuration would probably be good as a small Firewall/NAT/proxy box
for moderate traffic - say about 350'000 to 750'000 requests per day.
Given sufficient interest we could probably offer this at about EUR 500.
- same software on Shuttle-type hardware - again no moving parts but
much faster CPU and more RAM. Such a configuration would easily go to
2'000'000 - 4'000'000 requests per day. The price would probably be
about double the above.
In both cases you would need to install the Web server(s) on separate
hardware and provide for logging (via syslog) over the network.
Please let me have your opinions on the configurations (changes and/or
additional options) and if you would be interested in such an offer - we
won't proceed with this unless there is solid interest.[...]
|
|
|
Re: pre-installed Pound
Jaime Nebrera Herrera <jnebrera(at)jazzfree.com> |
2004-01-22 13:02:47 |
[ FULL ]
|
Hi Robert and others:
[...]
We were thinking more or less the same way but with some differences:
* Preinstalled on Lince, a Leaf variant developed by us (based on Linux).
Besides Pound, you will have firewall and QoS. Actually, we were planning to
sell just that, with some other features we have developed (antivirus email
proxy, internet content filtering, ...)
* Use a different box: Via Eden 533, 3 Realtek ethernet, no moving parts,
gorgeous design. This box is available at 866 too (with small fan) and a new
one will be available quite soon at 1000 Mhz FANLESS. Also you have the
choice of installing 2x 10/100 from Intel + 1x GigaEthernet again from Intel.
The software will be installed in a Compact Flash. The price will be around
475E + VAT + Shipping for the base system (533 Fanless + 3 Realtek)
You can find some pictures of the box at:
http://www.eneotecnologia.com/soho_fotos.html
* Right now we have a JAVA GUI available to manage the firewall itself, but
is NOT possible to manage pound trough it. We are searching for a group of
financial sponsors that pay for such addition. Bear in mind this application
is NOT GPL, but those sponsors would get special prices afterwards (like not
paying for the pound extra or a given number of licenses of the full GUI)
You can find pictures of it in:
http://www.eneotecnologia.com/archivos/gui-1.jpg
http://www.eneotecnologia.com/archivos/gui-2.jpg
http://www.eneotecnologia.com/archivos/gui-3.jpg
[...]
In our case it will be optional to install a 2.5" Hard Disk just for
logging, but indeed its better to use an external syslog server.
[...]
As you see, we were walking more or less in the same direction.
My working email is jnebrera_AT_eneotecnologia_DOT_com
Regards
[...]
|
|
|
Re: pre-installed Pound
"listor" <listor(at)vmm.se> |
2004-01-22 13:04:48 |
[ FULL ]
|
Hi,
I ainīt no end costumer, but I do believe that there would be a market for
this type of hardware. From what I know of the market is that the customers
doesnīt know what a reverse proxy is and what it can do for them.
Of course there already are alot of small firewalls somewhat like this, but
none have the reverse-proxy functionallity, that could make it a winner for
some end customers.
Maybee one idea is just to have Pound installed, to make the product more
exceptionall ?
If there is a good admin-gui to Pound and the Firewall then 500EUR shouldnīt
be too high...
Would you consider using retailers in other countries or do you want to sell
directly to end-costumers ?
If the firewall functionallity should be installed maybee it would be nice
to have a DMZ-zone . From what I read in the spec. it did not support that,
maybe you have a reason for this.
//Mikael Larsson
----- Original Message -----
From: "Robert Segall" <roseg(at)apsis.ch>
To: <pound(at)apsis.ch>
Sent: Thursday, January 22, 2004 8:48 AM
Subject: pre-installed Pound
[...]
|
|
|
Re: pre-installed Pound
Robert Segall <roseg(at)apsis.ch> |
2004-01-22 13:41:48 |
[ FULL ]
|
On Thu, 2004-01-22 at 13:04, listor wrote:[...]
I'm sure we could arrange for a simple config GUI, though that was not
the original intention. Volunteers anyone?
[...]
This was meant as a service to the community - thus the relatively low
prices (essentially at cost). I'm sure my management would have nothing
against appointing distributors in other countries. Please contact Apsis
directly (Ms. Landolt brilan(at)apsis.ch) for details - that's really not
my domain.
[...]
There is a way to add a third Ethernet interface via the USB ports, but
it's a hack. We are strongly against this type of configuration for
security reasons - you have one box hacked and the attacker has full
access to your internal network.
We normally install the ASD2v in high-security environments. If there is
a need for a DMZ we use two boxes: one as an interface between the
outside world and the DMZ (including port mapping, NAT, DNS, DHCP, etc),
the second (usually in bridging mode without an IP address) between the
DMZ and the internal network. Better safe than sorry...[...]
|
|
|
|
