Thanks for your input, it helps getting an inside view from someone who is actually using the product, rather than depending upon the marketing documentation. For now, I think I'll put everything on that one server, and if it looks like it is struggling I'll put a secondary server up to handle the database. Maybe TMG will arrive and save the day! *grin* We went over the redundancy issue in detail several times now and they/we have decided it was acceptable to experience a few hours of outage rather than to pay for another server. The server itself is pretty good, just about everything in it is redundant, so the odds of actual total hardware failure is awfully low. I just save the configuration backups so I can re-install the software pretty quickly if needed. From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of D PIETRUSZKA USWRN INTERLINK INFRA SHIFT MGR Sent: Friday, May 29, 2009 8:40 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: ISA 2006 & Websense That one server is going to be fine for 900 users browsing at the same time, but...... Aren't you going to have any kind of redundancy? To directly answer your questions: 1) No, is not going to be excessive. 2) Everything means (policy server, filtering server, ISA CSS and ISA service)? ISA is going to be the most difficult part I guess, websense is really easy to move, but always will be a downtime (minimum, but downtime anyway). In any case, I would never put just 1 server if uptime is critical. If you can live with internet down for a good amount of hours while you configure a new server in case of a severe failure, then go ahead, if not I would say "fight for more hardware" Regards Diego R. Pietruszka MIS - Shift Manager MSC (USA) - Interlink Transport Technologies Direct Phone: (908)605-4147 From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Ball, Dan Sent: Friday, May 29, 2009 8:20 AM To: 'isalist@xxxxxxxxxxxxx' Subject: [isalist] Re: ISA 2006 & Websense Well, we have about 5000 "potential" users, but probably only a max of about 900 online at any given time. I guess the two questions I would have on this would be: 1. Do you feel like that would be an excessive amount of users for a single ISA server on an ML370 G4 (students do browse at a frenzied rate)? 2. If I did put everything on that one server, how difficult would it be to move portions of it to a separate server later if the load was too high? Thanks for your response! Having never installed the software, I'm not sure how it behaves. From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of D PIETRUSZKA USWRN INTERLINK INFRA SHIFT MGR Sent: Friday, May 29, 2009 8:08 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: ISA 2006 & Websense No, you don't have to split the websense services. If you have an small network, and you would like to have all the websense services plus ISA on the same box, that is valid and can be done. On my case we don't have a huge amount of users (1500 in total), but we have a good amount of offices and ISAs arrays on different areas of the network. Having the Websense policy server on a separate box, allow us to service all our 6 arrays of ISA/Websense facing internet. The poicy server is doing at the same time the function of ISA CSS. Regards Diego R. Pietruszka MIS - Shift Manager MSC (USA) - Interlink Transport Technologies Direct Phone: (908)605-4147 From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Ball, Dan Sent: Friday, May 29, 2009 7:38 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: ISA 2006 & Websense So both of you found you had to run two servers for this? How much of a load does it add? From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of D PIETRUSZKA USWRN INTERLINK INFRA SHIFT MGR Sent: Friday, May 29, 2009 7:13 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: ISA 2006 & Websense I'm using Websense with ISA as well without any problem, I'm running ISAS 2006 enterprise and Websense 6.3. Just install websense integrated with ISA and allow the bunch of ports it need to the policy server as Andrew said and you will be up and running in no time. Regards Diego R. Pietruszka MIS - Shift Manager MSC (USA) - Interlink Transport Technologies Direct Phone: (908)605-4147 From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew Hodgson Sent: Friday, May 29, 2009 4:47 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: ISA 2006 & Websense Hi, Running ISA 2006 with Websense 7.0.1. Install went very well, no major issues. You need to allow ISA server to communicate via a firewall rule to the Websense policy server on the Websense specific ports. All clients are proxy clients so I can't use the Websense protocol filtering definitions, though these are blocked via another firewall anyway. I am not using any of the identification agents, using transparent authentication via the ISA Websense plugin - all clients must authenticate to the proxy. Thanks. Andrew. From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Ball, Dan Sent: 28 May 2009 17:25 To: 'isalist@xxxxxxxxxxxxx' Subject: [isalist] ISA 2006 & Websense Anyone have Websense up and running with ISA2006? I'm setting up a new server, and looking at installing that software now. [cid:image001.jpg@01C9E03D.2A588140] allpay achieved PCI DSS and ISO 27001 certification in 2008 Registered in England No. 02933191. UK VAT Reg. No. 666 9148 88. Telephone: 0844 225 5729, Fax: 0844 557 8350. Website: www.allpay.net Email: enquiries@xxxxxxxxxx<mailto:enquiries@xxxxxxxxxx> This email, and any files transmitted with it, is confidential and intended solely for the use of the individual or entity to whom it is addressed. If you have received this email in error please notify the allpay Information Security Manager at the number above.