2015-05-16

CacheGuard OS Appliance

About CacheGuard OS

CacheGuard OSOur core product CacheGuard OS (Operating System) is an integrated solution based on a custom-hardened version of Linux built from scratch and especially designed to manage Web traffic. It integrates the best technology into a Ready to Use solution. The result is a powerful and turn-key solution that allows you to protect and optimize Web traffic traversing your Web infrastructure.

CacheGuard OS features numerous Web Security and Optimization technologies in a single functional network equipment. Technologies like Proxy, IP Firewall, Bandwidth Shaping, Caching, HTTP Compression, URL filtering, Web Application Firewall and Web Malware filtering are all integrated into a unique Operating System with respect to a high level of integration. The Web Security issue can be fixed easily with CacheGuard OS.

CacheGuard Machine Requirements

To implement the CacheGuard OS in forwarding mode (to protect Web surfers) the most important factor is the total number of end-users. A capacity manager integrated to the OS tunes the appliance during the installation for the given number of users.

According to the the capacity management policy all end users are not connected at the same time but just 20 percent of them. For instance an appliance tuned for 100 end-users allows you to protect 100 not named users. So the appliance is tuned to run for 20 simultaneous users. Of course a burst of 100 simultaneous Web connections will be granted for a short period of time.

To implement the CacheGuard OS in reverse mode (to protect Web servers) you

should consider the number of simultaneous Web connections rather than the total number of users.

CacheGuard HW

For 100 end-users (20 simultaneous users), a typical hardware configuration is:

  • Architecture: x86/x64
  • CPU: Intel Core 2 Duo
  • RAM 4 GB
  • HDD: 200 GB
  • Network: 2 x Ethernet 100 Mbps NIC

For more users, choose a server with more RAM, CPU Core and HDD Storage Capacity. As a rule, add 1 GB of RAM and 75 GB of HDD Storage Capacity for every 50 users. For instance an appliance tuned for 200 users requires a machine with 4 CPU core, 6 GB of RAM and 350 GB of HDD Storage Capacity.

A CacheGuard Appliance runs better with several low storage capacity HDD configured as a RAID compared to a single high storage capacity HDD (CacheGuard OS supports RAID 0, 1, 5, 6 and 10).

With CacheGuard you have the possibility to activate all integrated security and optimization features at the same time. Some features (like the HTTP real time Compression or the Antivirus) are more CPU intensive than others. The above given configuration is required when you intend to activate all available features at the same time. You probably need less hardware resources if you don’t need to activate all available features integrated into the CacheGuard OS.

Note that CacheGuard OS may be installed for a minimal number of users on a mini computer. The minimum hardware configuration for 5 users is as follows:

  • x86/x64 Architecture
  • CPU Intel Pentium IV
  • 348 MB RAM
  • 8 GB HDD
  • 2 x Ethernet 100 Mbps NIC

CacheGuard OS Licensing

CacheGuard LicensingCacheGuard OS is the result of the aggregation of multiple Open Source Software (as OSI definition). All CacheGuard software components are subject to the GNU General Public License v3 while the aggregation of those components and other Open Source Software forming the CacheGuard OS is licensed under the CacheGuard License Agreement.

Please note that integrating numerous services into an integrated ready solution leverages the implementation work, improves performances and reduces the TCO (Total Cost of Ownership) of the final solution.

CacheGuard Technical Features

Network

  • Network Appliance
  • Internet Gateway
  • Web Load Balancer
  • 802.1Q VLANs
  • Support of NTP
  • Traffic Shaping
  • DHCP Server
  • Caching DNS
IP security

  • Internal/External/Auxiliary zoning
  • Forwarding and Reverse Web Proxy
  • Transparent HTTP Proxy
  • Proxy chaining and parallel implementation
  • Access lists
  • IP Firewall with NAT and PAT
  • Blocking Synflood, Port Scan, Spoofing…
Web Security

  • URL Filtering with blacklists and white lists
  • Automatic blacklists updating
  • URL Filtering with regular expressions
  • Web Application Firewall (XSS, SQL Injection…)
  • Access Logging
  • LDAP authenticating
  • SSL Terminator
  • SSL Mediator/Inspector
  • Web Antivirus at Gateway
High Availability

  • RAID capabilities
  • Backup & Restore on spare machine
  • Ethernet link bonding
  • VRRP Redundancy
  • Multi WAN support
Web Optimization

  • Persistent Web caching
  • HTTP Compression
  • Web Cache sharing
  • Web Traffic QoS
Administration

  • Online configuration commands
  • Console port administration
  • Remote administration with SSH and HTTPS
  • SNMP agent and trap generation
Screenshots
Download
Learn More