republican-creole
site Search:


Home Reviews Tools Forums FAQs Find Service ISP News Maps About  
 
    All Forums Hot Topics Gallery






how-to block ads

  
Forums >

Equipment Support > Hardware By Brand > Other Manufacturers > Russians

Search Topic:
 Share Topic
Posting?
Post a:
Post a:
Links: ·Forum FAQ ·Forum Guidelines ·ActionTec ·Alcatel ·Proxim/Orinoco ·Xincom
AuthorAll Replies

sk1939
Premium
join:2010-10-23
Washington, DC
kudos:9
Reviews:
·T-Mobile US

reply to tubbynet

Re: Russians

Well that makes sense then.

It's unsolicited, nothing that goes on in the network has anything to do with any domain in Eastern Europe.

I really want to block the entirety of Eastern Europe, but I can't think of an easy way to create a rule to block that many various IP's.

Funny you mention the SRX line, I'm thinking of replacing the SSG with an SRX100or MAG2600 for VPN/IPS performance. There is a TippingPoint 1200E in place right now for IPS, but it's sheer overkill for a 25/25 Metro-E connection.
to forum · permalink · 2011-08-10 01:16:44 ·


tubbynet
reminds me of the danse russe
Premium,MVM
join:2008-01-16
Chandler, AZ
kudos:1

said by sk1939:

I really want to block the entirety of Eastern Europe, but I can't think of an easy way to create a rule to block that many various IP's.

look at the registry entries for the rir that handles europe. you'll get a good idea of the blocks allocated.

Funny you mention the SRX line, I'm thinking of replacing the SSG with an SRX100or MAG2600 for VPN/IPS performance.

srx100 or srx240 would fit the bill nicely. i believe the 240 gives you clustering abilities, where the 100 doesn't. nice feature to have if you standardize on a platform at all sites, as it allows you to scale accordingly. in terms of raw performance -- the srx line is monsterous and will eat just about anything out there in the same size class.

q.
--
"...if I in my north room dance naked, grotesquely before my mirror waving my shirt round my head and singing softly to myself..."
to forum · permalink · 2011-08-10 01:24:36 ·

sk1939
Premium
join:2010-10-23
Washington, DC
kudos:9
Reviews:
·T-Mobile US
1 edit

I was referring more to the entry of the giant list of IP addresses into the SSG.

I'll get a price quote for the 240 and see, but we have more Cisco gear than not on the remote sites. There are only a handful of SSG5's floating around. Also I just notice that the 240 is 4x the cost, so I'll have to take that into consideration as well.

to forum · permalink · 2011-08-10 13:09:13 ·


LazLong

@sbcglobal.net

reply to sk1939

said by sk1939:

I really want to block the entirety of Eastern Europe, but I can't think of an easy way to create a rule to block that many various IP's.

Your "Russians" subject line caught my eye, and I noticed you would like to block traffic based upon geography. Astaro will do that, if you are interested in moving to another appliance. My only experience with Astaro is on my home network, but I absolutely love it. I was using Untangle because of Astaro's 10 IP limit for free home use, but they have since then changed the license to 50 IP's for home use and I switched. I love Astaro's reports and change tracking.

No, I am not an Astaro employee or reseller; just an enthusiastic user.
to forum · permalink · 2011-08-14 02:54:31 ·
Forums > Equipment Support > Hardware By Brand > Other Manufacturers

Wednesday, 19-Jun 21:39:04 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 13.5 years online © 1999-2013 dslreports.com.
Most commented news this week
Hot Topics