proxy server new implementation

[Julien]

Hi Guys,
we trying to configure a webproxy server for a new infrastructuur.
I am going to configure a transparant SSL Proxy.
Do you suggest to do so on 17.1 or wait for the final release ? what about the iPhone/iPad users do we have to install the SSL certificate on those devices too ?

thank you for your support

[fabian]

There will not be a lot of changes because the final version will be released soon, so you can install 17.1 RC now if you like.

You will need to install the certificate on all devices, which are using the proxy. This also includes mobile devices.

[Julien]

Thank you for your support.
Can you please tell me why when i activate the Intru detections the internet speeds become 50% less, from 100MB to 50Mb ?

[franco]

That's a complex question:

Hardware / NIC drivers matter (native Netmap drivers perform better for sure), the pattern matching algorithm (Hyperscan may be faster), the number of rules you use.

Generally:

Very often IPS traffic <<< non-IPS traffic. 50% off isn't so bad.


Cheers,
Franco

[Julien]

That's a complex question:

Hardware / NIC drivers matter (native Netmap drivers perform better for sure), the pattern matching algorithm (Hyperscan may be faster), the number of rules you use.

Generally:

Very often IPS traffic <<< non-IPS traffic. 50% off isn't so bad.


Cheers,
Franco

Thank you Franco for the explaination.
i got the idea now