[squid-users] Performance of antivirus proxy solutions?

From: Peter Olsson <pol@dont-contact.us>
Date: Wed, 18 Jan 2006 08:47:49 +0100 (SNT)

Hello!

This is maybe not strictly a squid question, but I still think/hope
that the squid list is the best candidate for good answers.
I have read a lot of archived messages about different antivirus
solutions, but I haven't found many that deal with the performance
issue.

We have about 5000 users which use squid as proxy towards Internet.
We run four separate squid servers at different locations, for
load balancing and redundancy. The peak load on these four servers
is about 5 Mbps each, and the average load during office hours is
about 3-4 Mbps each. The size of the squid caches vary depending on
hardware in the proxy servers, from 10 GB to 40 GB.

We now want to add antivirus to the solution. We use clamav for
email antivirus, so we are thinking about clamav for proxy
antivirus also. But what should we use to activate the virus
scan, that won't make a big impact on the performance?
The solution must also be stable.
All our servers run FreeBSD, so there would have to be some very good
arguments for us to run the antivirus solution on any other platform
than FreeBSD.

We have made some tests with SquidClamAV_Redirector.py, which
doesn't seem to be able to keep up with the performance demands.
We have briefly looked at some other free solutions, but none of
them seem to be made for this kind of load. I'd be happy to be
proven wrong on this.

We have also looked at DansGuardian and SafeSquid, but we haven't
setup tests with them yet. Has anyone got load/performance opinions
on these, related to our demands?

Are there other suitable products which we have missed?

We would love to get some input on this issue.

Thanks!

-- 
Peter Olsson                    pol@leissner.se
Received on Wed Jan 18 2006 - 00:48:11 MST

This archive was generated by hypermail pre-2.1.9 : Wed Feb 01 2006 - 12:00:01 MST