What Firewall do i need?

[Izi]

I am currently building a dell server to host web applications and other online software. (before now I have rented hardware)

In all appoximatly 100,000 users a day will be using the server to access web applications.

Can some one please recommend a simple to use firewall for this estimated traffic level?

I was told a Juniper SSG20 Hardware firewall would do what I needed. They are still £500 though which is quite expensive.

Many thanks

 

[Izi]

If you're genuinely getting a 100,000 users a day (on one server? That's an 'interesting' bit of design) then a) that sort of cost should be no big deal b) you're going to need at least an SSG20

Its not one one server, its spread over three at the moment.

Just realised that I didnt really explain what I mean very well by 100,000 users. When I say 100,000 users, I mean that the server is visited 100,000 times over a day. These are not unique users, but rather a split of 50k unique users all coming back at least once.

As for cost, £500 quid is a lot when you consider software licensing (SQL server / windows / backup etc) and hardware + time to actually set it up.

Firewalls are obviously important so dont want to skimp on them for the sake of a few hundred quid.

EDIT....

Refering to you saying 'An interesting design', why is it not a good idea to serve that many user on one server? Say i have duel quad xn proc's, plenty of ram and vitualize three servers and alocate resources appropriatly, is that not a good way to go?

It saves on buying three servers, save money co locating, saves electricity and you get the same end result. Am i missing something?

 

[Izi]

Its a web application server, so all users are routed through IIS. The server is serving web pages only. Its not 100,000 people connecting to exchange for example.

I get your points regarding redundancy. It is nice have the set up we currently have where should one server is down it only affects a third of our users. However, the most downtime we have had to do in 10 years is the time it takes to reboot the server. (Ok, and we had to replace a hard drive once, but that was done with in an hour)...

However, now you have all said that I dont know what to do!

 

[Izi]

snip

Thanks for the informative post.

I suppose you are right, it does depend how mission critical the data is. I am hosting websites which are e-commerce / news and generally business based. I dont host real finance apps where 100% uptime is needed. I do tell my clients that if they want redundant hosting then it will cost them and I can get a price.

If I were to purchase a dell, and I add the 3 year 4hr mission critical support, then technically they should be able to fix the server with in 4-6 hours at the most? This is assuming the worst and a motherboard fail or similar... I will be getting hot swop hard drives and ram.

 

[Izi]

yeah, i guess... at least your being upfront with your customers i suppose... they ought to do some sums to work out how much money they will lose on the e-commerce side with 4-6 hours downtime though...

Yeah, I am always upfront about it, and always give the client the options available to them.

I dont think any one of my clients would be willing to pay more than double for redundancy, baring in mind that in 10 years we have had 1 hour with out service on one server. Saving the monthly on hosting over 10 years will far out weight what SME e-commerce will lose if the server went down for a few hours.

Its still a tough decision though, and I need to spend more time thinking what I should do.

Out of interest, how often have other admins here had serious problems with hardware? How often have you had a main board go for example?

 

[Izi]

is this something that your placing at a customer site, or are you turning yourself into a mini-hosting company?

Customer sites, not a hosting company!

Thanks for the replies.... still going to think long and hard about this.