I'm running two of these HP guys on my network. The only hang up I've had is the DTC service is disabled from the hardening. I had to re-enable it to get Win2k3 SP1 installed. Otherwise these are GREAT appliances.
Or you can implement software raid, which works for us. However to implement it we had to restore the image hp provides on the extra hdd and then delete the os partitions, we could then create a sw raid 1 set-up for the os partitions.
The restore on the disk just to create the bootable HP partition where the boot flag is stored.
Unfortunately it's impossible to create a sw raid 1 for the HP partition.
A vendor came in and installed a DL 320 appliance. I am trying to locate the firewall client software directory but it's not where it should be. I believe it should be at c:\Program Files\Isa 2004\client but it is simply not there. The vendor is clueless as to why it's not there as well.
If I install ISA 2004 SP1 will the updated client directory be installed? Is there some place to directly download the updated FW client?
Has anybody dealt directly with HP support for support on this product. I've called a couple of times but the HP help desk doesn't seem to know anything about the product. If you have, what # did you call and what HP support team did you ask for?
Keep checking the HP for software updates and there aren't any which is a bit hard to believe.
You should have received a copy of the ISA firewall software CD. Use that CD and the Add/Remove Programs applet to install the Firewall client software. I highly recommend that you do not install it on the firewall. Much better to install it on a file server.
From: 60 miles north of seattle
We've had this appliance up and going since april i believ, no issues.
I'd recommend this HP to anyone.
we run surf control on it as well and it services about 400 people to the internet and vpn connections.
HOWEVER... it took almost 2 months to get this appliance. HP Continually lied to us about the shipping date and what the hold up was. Apparently they were backordered on CD-Roms, then the SCSI HDD's... Then their image was corrupt... I have 9 9Count them 9) email saying my item has shipped. It didnt come till the 9th email from our rep.
VERY dissappointed with Customer service, but a great product, with no problems yet!
From: Fremont, CA
Right after they became available, I recommended that one of my clients purchase the DL320 unit (which I promptly installed for them!). It arrived about 1 week late, but everything was according to spec and setup correctly upon arrival.
After much haggling with the client over implementing a secure rulebase vs. letting the FW stay "open" for web users, I grudgingly left it open for all outgoing web access and locked down the VPN access rules.
Within a month, some pros from the outside did a great job of tearing up the FW, but the unit failed safe - nothing got through. It took five complete passes through the hardware initialization phase before all of the hardware was back to normal and the ISA/OS image could be reapplied. Once that was done, it was business as usual.
After that experience, the client understood WHY we implement a secure rulebase, but they still decided to test our new locked-down rollout... One of the client's employees is married to an FBI data security agent in a nearby city. Unknown to us, the members of his team spent more than 2 weeks trying to break into the firewall and network, without success. Not only did the ISA unit do its job, I was able to alert the client of the attempts and the hacking/probing failure, thus letting them know we were also doing our job. I consider that a good implementation.
Even though it took a long time to return the access to normal, the DL320, the HP configuration tools, the imaging disks and good documentation truly saved the day. While we also install the Network Engines ISA firewall appliance (NS6300/NS6400), I still recommend the HP rollout for environments that need an extra little helping hand.
Have installed a few of these and all good; however have received one that the hardware was not working correctly. It took a few days to replace. I guess this sometimes happens. After the replacement of the faulty hardware all works well. My tip is test the machine for about a week before going live to rid of all the gremlins.
We are evaluating a pair of DL320's and based on the posts here have added Rainwall to the list that we will need to be purchasing. I would like to know if anyone has implemented a pair of DL320's with Rainwall and any feedback regarding the installation.
Our environment is distributed to 17 locations with all Internet access forced through the home office (T1's from the sites, then OC3 to the Internet), there will be approximately 300 workstations routed through the pair to the Internet, both will be behind a pair of PIX firewalls. We are in a Novell environment with an Active Directory implementation set to complete early 2006. The servers will be AD members, users are on AD, but workstations are not yet.