As the Title suggests, we have a lot of Internet issues.
We have 2500 users who are accessing an uncapped 12mbps down / 3 mbps up Satellite connection.
This is a corporate environment
Unsurprisingly, we always max out the connection and have some unhappy users complaining that the Internet doesn't work...
Purchasing more internet is not an option, as the Satellite Links are incredibly expensive.
So we are looking at possible ways to ensure that the Internet link is used the most effectively.
More than happy to buy kit, even expensive kit, as the Return On Investment for anything that reduces the need for more Internet costs would be easy to justify.
Our current environment uses an Cisco ASA 5540 as the Firewall and we have a Cymphonix Network Composer (now owned by untangle) as the Web Filter and basic traffic shaping.
This works, but im sure there must be something more out there that will allow us to better manage the Internet traffic so that we can ensure the best possible internet experience for our users. And give better reporting than the Cymphonix.
Also, VERY IMPORTANT, is that the level of skillsets with the IT area for maintenance of the devices is low, so we will need something that is reasonably easy to maintain (again, happy to pay for that!) and is easy to work with.
Does anyone have suggestions for:
(with differing rules for different AD Groups, ie Streaming media ok for some, restricted for others, blocked entirely for some, volume based shaping would be good too ie. User gets 200mb of Streaming Media or Internet as a whole unrestricted, as soon as they go over that they are shaped right down to something small)
Prioritising of Traffic
(able to prioritise certain traffic, websites or AD users so their internet takes precedence, ie for Video conferencing or Online Exams)
(with differing rules for different AD Groups, HTTPS filtering as well)
Block of unwanted traffic
(time based, ie P2P blocked always but Online backups, Dropbox etc, available at night)
Comprehensive Monitoring and Reporting
. (Be able to identify users and PCs clearly, drill down options on the traffic)
We would probably prefer a commercial option, even up to the ISP quality equipment, to ensure that we can do this right.
We have considered devices like Procera Packet Logic http://www.proceranetworks.com
But would like to get an understanding of what else is out there.