Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

SBS 2008 Proxy

Posted on 2010-09-17
18
Medium Priority
?
1,345 Views
Last Modified: 2012-06-27
Here's what I have.

1 SBS 2008 box, and 1 2008 Standard box. The SBS box is the DC, and I am wanting to setup a proxy server to help with our downloads of updates and such so that it can be cached on the proxy serer and save on bandwidth. We had done it previously with a 2003 SBS inside ISA but with 2008 having ISA removed, I am a little lost on this one. Both servers have Dual nics and are both Dell Poweredge 2900's. I would prefer to use tools and software solutions that are no or low cost.
0
Comment
Question by:anotherhick
  • 7
  • 6
  • 4
  • +1
18 Comments
 
LVL 20

Expert Comment

by:woolnoir
ID: 33701110
As far as i know 2008 SBS doesnt include proxy functionality, as you mentioned this was removed between 2003 and 2008 - iSA has been re-released as TMG (threat management gateway).

http://msmvps.com/blogs/thenakedmvp/archive/2008/06/06/sbs2008-the-best-response-yet-to-the-quot-why-no-isa-or-other-built-in-firewall-quot-question.aspx
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 33701181
ISA has been replaced by Forefront, which you could add to your network. It is not sold with SBS 2008 std or premium.
If it is just for Windows updates, SBS does that by default with WSUS.
The other option, as Forefront can be pricey for a small network, though very powerful is a 3rd party solution:
http://www.computalynx.net/software/cproxy/features.asp
http://www.websense.com
http://www.surfcontrol.com/ 
http://www.rhinosoft.com/AllegroSurf/

0
 
LVL 11

Expert Comment

by:Coast-IT
ID: 33701210
As far as the functionality you require, just set up WSUS so that clients dont have to go out to the internet and the download just gets downloaded once.

thus giving you your caching functionality.

http://learn.iis.net/page.aspx/239/deploying-updates-with-wsus-30/

If you are only using your proxy for this, use WSUS
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 78

Expert Comment

by:Rob Williams
ID: 33701362
The printer index is out of bounds
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 33701370
Sorry "The printer index is out of bounds" posted in error.
--Rob
0
 

Author Comment

by:anotherhick
ID: 33702137
I guess I forgot to specify an additional caveat/requirement.  We use this to update multiple client computers and can't install a software client as the systems don't remain in our central office location for long periods of time.  We'd previously ruled out WSUS as it requires a client be installed and the server stay static.  We're really looking for a way to save the bandwidth required to manually download the various Windows updates on all of the systems without using WSUS.  We ew're hoping we might use a proxy server to cache the updates and save some bandwidth.  If this wouldn't work does someone have an alternative that would allow us to cache these updates in an easily accessible form that the Windows Update web site could make use of?
0
 
LVL 20

Expert Comment

by:woolnoir
ID: 33702362
Then maybe consider using an external proxy server, either a linux solution, a appliance (box) or a third party proxy server which can be installed onto the SBS server.

Its not really going to be an option to use a MS solution without expense...do you want me to suggest alternatives, or do you have restrictions about what can go on your network ?.
0
 

Author Comment

by:anotherhick
ID: 33702572
@Wollnoir,

I have no problems with doing a linux box for that purpose, the only downside I see to that is that I am very limited in my experience with Linux. Do you have any insight as to flavor of linux, and or hardware that I might need to accomplish this?
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 33702985
Is it primarily for windows updates, or are you wanting to cache other items as well?

Are the machines members of your domain?
0
 

Author Comment

by:anotherhick
ID: 33703930
@RobWill

Part A: I am wanting to cache most of the things we download inside of a windows / application build. (Windows Updates, Applications like reader and updates, itunes, etc. )

Part B: No the machines are not members of my domain.
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 33704024
Agreed then, a proxy server would be best. There are a few Windows based ones for free but I am not familiar with them, I am sure others are.
I assume you didn't buy Software Assurance for ISA? If so you can reinstall it on another server.
0
 

Author Comment

by:anotherhick
ID: 33704195
That is correct.
0
 

Author Comment

by:anotherhick
ID: 33719450
Ok, what distro of linux would work best for this, and I can DL anything that I need. Also, what additonal steps should I take after downloading and installing the linux OS?
0
 
LVL 78

Accepted Solution

by:
Rob Williams earned 1000 total points
ID: 33724622
I was waiting to see if woolnoir would suggest a Linux solution. I am not a Linux guy, gave it up years ago :-)
However the one I hear of most often is Squid: http://www.squid-cache.org/
Quick Start Guide:  http://www.visolve.com/squid/sqguide.php
You can Google lots more. There are many Windows versions available but I am not aware of a free one and you would need an O/S as well.
0
 

Author Comment

by:anotherhick
ID: 33810283
Yeah, I'm giving up on the Linux box, too much issues with trying to configure stuff.
0
 
LVL 20

Expert Comment

by:woolnoir
ID: 33810304
@anotherhick its not that crazy, if you get any linux distro such as ubuntu and install 'webmin' you get a really nice graphical front end. Using squid especially allows most if not everything to be configured throught he GUI ...
0
 
LVL 20

Assisted Solution

by:woolnoir
woolnoir earned 1000 total points
ID: 33810315
This is a good guide which allows setup as a transparent proxy, that way clients wont even know its there.

http://www.ubuntugeek.com/how-to-setup-transparent-squid-proxy-server-in-ubuntu.html
0
 

Author Comment

by:anotherhick
ID: 33810535
Thanks, I was having trouble finding any info that was step by step. One question does this setup need two NIC's? If so, how exactly would that config?
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
Exchange database can often fail to mount thereby halting the work of all users connected to it. Finding out why database isn’t mounting is crucial and getting the server back online. Stellar Phoenix Mailbox Exchange Recovery is a champion product t…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question