Solved

SBS 2008 Proxy

Posted on 2010-09-17
18
1,283 Views
Last Modified: 2012-06-27
Here's what I have.

1 SBS 2008 box, and 1 2008 Standard box. The SBS box is the DC, and I am wanting to setup a proxy server to help with our downloads of updates and such so that it can be cached on the proxy serer and save on bandwidth. We had done it previously with a 2003 SBS inside ISA but with 2008 having ISA removed, I am a little lost on this one. Both servers have Dual nics and are both Dell Poweredge 2900's. I would prefer to use tools and software solutions that are no or low cost.
0
Comment
Question by:anotherhick
  • 7
  • 6
  • 4
  • +1
18 Comments
 
LVL 20

Expert Comment

by:woolnoir
Comment Utility
As far as i know 2008 SBS doesnt include proxy functionality, as you mentioned this was removed between 2003 and 2008 - iSA has been re-released as TMG (threat management gateway).

http://msmvps.com/blogs/thenakedmvp/archive/2008/06/06/sbs2008-the-best-response-yet-to-the-quot-why-no-isa-or-other-built-in-firewall-quot-question.aspx
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
ISA has been replaced by Forefront, which you could add to your network. It is not sold with SBS 2008 std or premium.
If it is just for Windows updates, SBS does that by default with WSUS.
The other option, as Forefront can be pricey for a small network, though very powerful is a 3rd party solution:
http://www.computalynx.net/software/cproxy/features.asp
http://www.websense.com
http://www.surfcontrol.com/
http://www.rhinosoft.com/AllegroSurf/

0
 
LVL 11

Expert Comment

by:Coast-IT
Comment Utility
As far as the functionality you require, just set up WSUS so that clients dont have to go out to the internet and the download just gets downloaded once.

thus giving you your caching functionality.

http://learn.iis.net/page.aspx/239/deploying-updates-with-wsus-30/

If you are only using your proxy for this, use WSUS
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
The printer index is out of bounds
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
Sorry "The printer index is out of bounds" posted in error.
--Rob
0
 

Author Comment

by:anotherhick
Comment Utility
I guess I forgot to specify an additional caveat/requirement.  We use this to update multiple client computers and can't install a software client as the systems don't remain in our central office location for long periods of time.  We'd previously ruled out WSUS as it requires a client be installed and the server stay static.  We're really looking for a way to save the bandwidth required to manually download the various Windows updates on all of the systems without using WSUS.  We ew're hoping we might use a proxy server to cache the updates and save some bandwidth.  If this wouldn't work does someone have an alternative that would allow us to cache these updates in an easily accessible form that the Windows Update web site could make use of?
0
 
LVL 20

Expert Comment

by:woolnoir
Comment Utility
Then maybe consider using an external proxy server, either a linux solution, a appliance (box) or a third party proxy server which can be installed onto the SBS server.

Its not really going to be an option to use a MS solution without expense...do you want me to suggest alternatives, or do you have restrictions about what can go on your network ?.
0
 

Author Comment

by:anotherhick
Comment Utility
@Wollnoir,

I have no problems with doing a linux box for that purpose, the only downside I see to that is that I am very limited in my experience with Linux. Do you have any insight as to flavor of linux, and or hardware that I might need to accomplish this?
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
Is it primarily for windows updates, or are you wanting to cache other items as well?

Are the machines members of your domain?
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:anotherhick
Comment Utility
@RobWill

Part A: I am wanting to cache most of the things we download inside of a windows / application build. (Windows Updates, Applications like reader and updates, itunes, etc. )

Part B: No the machines are not members of my domain.
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
Agreed then, a proxy server would be best. There are a few Windows based ones for free but I am not familiar with them, I am sure others are.
I assume you didn't buy Software Assurance for ISA? If so you can reinstall it on another server.
0
 

Author Comment

by:anotherhick
Comment Utility
That is correct.
0
 

Author Comment

by:anotherhick
Comment Utility
Ok, what distro of linux would work best for this, and I can DL anything that I need. Also, what additonal steps should I take after downloading and installing the linux OS?
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 250 total points
Comment Utility
I was waiting to see if woolnoir would suggest a Linux solution. I am not a Linux guy, gave it up years ago :-)
However the one I hear of most often is Squid: http://www.squid-cache.org/
Quick Start Guide:  http://www.visolve.com/squid/sqguide.php
You can Google lots more. There are many Windows versions available but I am not aware of a free one and you would need an O/S as well.
0
 

Author Comment

by:anotherhick
Comment Utility
Yeah, I'm giving up on the Linux box, too much issues with trying to configure stuff.
0
 
LVL 20

Expert Comment

by:woolnoir
Comment Utility
@anotherhick its not that crazy, if you get any linux distro such as ubuntu and install 'webmin' you get a really nice graphical front end. Using squid especially allows most if not everything to be configured throught he GUI ...
0
 
LVL 20

Assisted Solution

by:woolnoir
woolnoir earned 250 total points
Comment Utility
This is a good guide which allows setup as a transparent proxy, that way clients wont even know its there.

http://www.ubuntugeek.com/how-to-setup-transparent-squid-proxy-server-in-ubuntu.html
0
 

Author Comment

by:anotherhick
Comment Utility
Thanks, I was having trouble finding any info that was step by step. One question does this setup need two NIC's? If so, how exactly would that config?
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
Moving your enterprise fax infrastructure from in-house fax machines and servers to the cloud makes sense — from both an efficiency and productivity standpoint. But does migrating to a cloud fax solution mean you will no longer be able to send or re…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now