g***@tonarchiv.ch
2016-06-05 17:35:52 UTC
Hi there,
I wanted to make our PF server as light-weighted as possible. What
services can be turned off if one uses only pure layer-2 inline
enforcement? There are no VLANs, just two NICs. One goes to the access
points, the other to the WAN.
Of course I can turn off all RADIUS components.
I also can turn off graphite and carbon components, when there is no
need for the dashboard.
But I'm not sure about collectd and statsd.
What about snort - do I need this for pure layer-2 inline enforcement?
I also turned off haproxy, because there is no load balancing / proxying.
So what is the absolute minimalistic set of services I need for inline
enforcement?
Any help would be much appreciated!
Best wishes,
Till
I wanted to make our PF server as light-weighted as possible. What
services can be turned off if one uses only pure layer-2 inline
enforcement? There are no VLANs, just two NICs. One goes to the access
points, the other to the WAN.
Of course I can turn off all RADIUS components.
I also can turn off graphite and carbon components, when there is no
need for the dashboard.
But I'm not sure about collectd and statsd.
What about snort - do I need this for pure layer-2 inline enforcement?
I also turned off haproxy, because there is no load balancing / proxying.
So what is the absolute minimalistic set of services I need for inline
enforcement?
Any help would be much appreciated!
Best wishes,
Till