MZehner -> Sanity Check (28.Mar.2005 11:42:00 PM)

Hi All -

We have used ISA 2000 for some time now as a cache server behind T1 type links and are very satisfied with its performance.

In the near future we will be replacing our T1 links with a single 100mbps (full duplex) link.

I plan on using multiple ISA 2004 Standard servers (3-5) as cache servers behind an edge firewall. We are a K-12 school district and have about 5,000 computers in total that could potentially be hitting the Internet, although we have never come close to that number.

My question(s) revolve around using ISA 2004 as an edge firewall. I have read Tom's ISA 2004 book (What a great resource!) and have noticed that there are no hardware specs for a 100mbps link. The fastest link specified is a 45mbps link. I would not do much application filtering at the edge except for complex protocols such as FTP. All HTTP Application filtering would be done at our cache servers. We currently have about 20 miscellaneous ports open on our current firewall for various applications (e-mail, DNS, etc.)

Question 1: Is anyone out there currently using a Standard version of ISA 2004 on a link this size, with a similar user base and happy with the performance? If so would you please tell me about the hardware you are using?

Question 2: Do I really need to be looking at the Enterprise version of ISA 2004 to do this? Any recommendations on number of array members and type of hardware?

Any feedback regarding this would be greatly appreciated.


tshinder -> RE: Sanity Check (29.Mar.2005 1:27:00 PM)

Hi Mikie,

If you plan to run that link full tilt, and plan on doing any stateful application layer inspection, then I would recommend enterprise edition and NLB.


