Building your own ISA appliance from scratch (Full Version)

All Forums >> [ISA Server 2004 Misc.] >> ISA Firewall Appliances



Message

Money Penney -> Building your own ISA appliance from scratch (16.Jan.2006 4:31:44 AM)

After running everything on the one server for my small IT consulting/support business it is time for me to look at pulling things out on to separate boxes (i.e. the server failed and I kicked myself that it meant that nothing worked, no email, no Internet, no file and print, etc).  I do a lot of SBS installs so part of my logic was to ensure that I ran a similar environment to my clients, however this is not such an issue for me anymore (although this failure reminded me why I spend so much time monitoring and tuning my clients servers to keep them running... something I need to do more of for my own servers).

Anyway back on track.  I was thinking of building my own small ISA "appliance" from the ground up.  My ideal is for the device to be low power and noise as I work from a home office, so rack mount is out for now.  I am thinking MicroATX MB and case, P4 with 512MB is more than enough for my needs.  Just wondering about case/PSU choices.  There are lots of HTPC cases out now with that being the latest fad, has anyone seen any small cases that are quiet but not so much targetted at home theatre, or perhaps are HTPC but would be suitable for this build.  Recommendations on motherboard make/model also appreciated, needs to be cheap enough but still quality and with the right features (onboard video, dual NIC, etc.) AMD is probably cheaper, but I am too much of an Intel man to change now.

If anyone has any suggestions on parts, configuration, etc. that would be great.  I have a few articles on hardening Windows 2003 and ISA which I will follow.  Has anyone else tried to do this themselves, I realise this sounds more like hobby stuff, but if I can do a good job then I might think about doing them for my smaller clients (if they prove price competitive compared to professional appliances).

Was wondering how well a box like this would run with a Pentium M processor?



LLigetfa -> RE: Building your own ISA appliance from scratch (16.Jan.2006 5:30:22 AM)

IMHO, 512 meg RAM is way way too lean.  Even with MSDE capped, I would look at four times that amount.

www.silentpcreview.com has some good info worth checking out.



tshinder -> RE: Building your own ISA appliance from scratch (16.Jan.2006 5:01:28 PM)

Hi Les,

I run a custom ISA firewall appliance with a 1.2 GHz processor and 256MB of memory. For a five person office it works a treat! The HDD is 20GB.

Tom



LLigetfa -> RE: Building your own ISA appliance from scratch (16.Jan.2006 8:13:11 PM)

Now that is frugal.  I don't think I have a single W2K3 server in my farm that can run with 256 and not swap to pagefile.

My ISA server Commit Charge (PF Usage) is at 2.8gig and I run 3 gig total RAM with MSDE capped at 1 gig and a good chunk dedicated to RAM cache.



Money Penney -> RE: Building your own ISA appliance from scratch (16.Jan.2006 9:39:55 PM)

It's all about matching the specs with the requirements.  This ISA box will be servicing one full time user (me) and one part time user.  I agree that more RAM is always better, especially when running SQL or Exchange.  But if it's just 1-2 users at a time I don't think there would be many complaints about performance problems for Internet access.

I have clients running SBS 2003 with 1-2GB of RAM and they run pretty smoothly when you compare it with what they had before (peer to peer with no backups or firewall).  I would agree from a techie viewpoint that more RAM would make the server run better but I keep an eye on performance and they certainly would not gain any significant business advantage with more RAM at this point.

In fact my current all in one box is running on 2GB quite happily.

RAM is relatively cheap, but small business likes to ensure that every cent is justified and well spent.

Cheers
Mark



tshinder -> RE: Building your own ISA appliance from scratch (17.Jan.2006 3:42:54 PM)

quote:

ORIGINAL: LLigetfa

Now that is frugal.  I don't think I have a single W2K3 server in my farm that can run with 256 and not swap to pagefile.

My ISA server Commit Charge (PF Usage) is at 2.8gig and I run 3 gig total RAM with MSDE capped at 1 gig and a good chunk dedicated to RAM cache.


Hi Les,
I've got mine tuned to work with that hardware and it works pretty good. There is a nominal amount of paging, but nothing significant and the box isn't thrashing around the clock [:)]

The machine was a rack mount device I had on hand and thought I'd try to test the lower limits of the ISA firewall spec. I didn't expect it to actually work, but then it turned out to work so well I decided to keep it. Of course, I'd never create such a low spec device for a customer :)

Tom



Page: [1]