Re: [squid-users] general question regarding future caching proxies

From: Robin Stevens <robin.stevens@dont-contact.us>
Date: Sat, 27 Oct 2001 22:07:13 +0100

On Fri, Oct 26, 2001 at 02:36:11PM +0200, Van Bossche Koen wrote:
> I have a general question regarding the use of webcaching proxies. I assume
> within time it will not have any advantage anymore using webcaching proxies,
> since more and more I see non cacheable pages and bandwith getting cheaper.
> In that case what would be the really benefit of still using caching
> proxies?

In our case the original motivation for setting up side-wide proxying was
the charging model for ac.uk networks: all traffic passing over the
transatlantic links is chargeable during "peak" hours (6am-1am) except for
that going through the national cache. We were thus mandated by The Powers
That Be to set up our own interception proxying system carrying all port 80
traffic, in order to cut our usage bills.

These days there is much talk of the charging policy changing, but I would
look to retain a site-wide proxy for several reasons, even though we're now
on a much faster connection and web traffic consitutes a much smaller
proportion of our bandwidth usage what with the rise in file-sharing
systems and the coming of the "Grid". We can still offer some bandwidth
and response time savings (I'd expect the latter to improve once we're not
dependent on a parent cache for accesses to non-European domains).

But increasingly more important are the security aspects. Code Red was
stopped by squid even before I inserted blocks on "default.ida". Blocks
also stopped Nimda from getting in or out via HTTP. Furthermore we get
detailed logs which we can scan to pick out problem hosts: our first look
for hosts requesting default.ida identified some 34 Code Red infections,
and we've identified quite a few other problems through the cache logs.
Our security people admit to being won over to the merits of the system :-)

-- 
--------------- Robin Stevens  <robin.stevens@oucs.ox.ac.uk> -----------------
Oxford University Computing Services ----------- Web: http://www.cynic.org.uk/
------- (+44)(0)1865: 273212 (work) 273275 (fax)  Mobile: 07776 235326 -------
Received on Sat Oct 27 2001 - 15:07:18 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:03:10 MST