<div dir="ltr">Disclaimer: I should have stated I'm not specifically familiar with CACHEBOX. So I'm just speaking from my past experience with caches and secure vs insecure network traffic. It's quite possible that CACHEBOX caches non-secure content that may or may not be of benefit to a library large enough to have patrons repeatedly access cacheable content.<div><br></div><div><br></div><div>Regardless, in your case, Lisa, unless you have some unusual circumstances, I think I'd be a little surprised to learn that a cache would have an appreciable and cost-effective impact on your network. (But, granted, it's been a few minutes since I was last in your library. And I've been wrong before!)</div><div><br clear="all"><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div>Chad</div><div>______________________________<br><b>Chad Neeper</b><br><font size="1">Senior Systems Engineer</font><br><br><b>Level 9 Networks</b><br><font size="1">740-548-8070 (voice)<br>866-214-6607 (fax)</font><br><br><font size="1"><i>Full IT/Computer consulting services -- Specialized in libraries and schools</i></font><br></div></div></div></div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Mar 25, 2019 at 2:31 PM Chad Neeper <<a href="mailto:cneeper@level9networks.com">cneeper@level9networks.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">I used to do a fair bit with HTTP caching...back when my libraries all had T1 lines. The firewall I used was open source and so had squid (well-known FOSS caching proxy...quite possibly the same proxy running ApplianSys' CACHEBOX) as a plug-in. These days, however, I don't using a caching proxy for several reasons:<div><ol><li>OPLIN has been excellent about providing internet access that keeps up/ahead of demand (Thanks, Karl, Vince, and gang!) Most of the libraries I work with are single-branch libraries, so OPLIN covers all our needs in most cases.</li><li>For several years now, HTTP is actively being discouraged in favor of HTTPS, so there have been and will continue to be diminishing returns on an HTTP cache. (More on this later...)</li><li>In order to cache HTTPS, the proxy cache has to essentially perform a <a href="https://en.wikipedia.org/wiki/Man-in-the-middle_attack" target="_blank">Man-In-The-Middle Attack</a>. If a private <u><i>business</i></u> wants to cache HTTPS, that's fine. That's a company/employee situation. But I'm not going <u>anywhere</u> near that in a public library providing public access to patrons. I encourage you to do your homework on this area before deciding whether or not to do this.</li></ol><div>HTTP vs HTTPS in a nutshell and WRT to caching:</div><div>HTTP == insecure, unencrypted network traffic between a client computer and a web server. It's easily intercepted and cached via a HTTP proxy cache.</div><div>HTTPS == secure, encrypted network traffic between a client computer and a web server. This is not cache-able content. To cache it, the HTTPS proxy must decrypt the HTTPS packets in order to read the content. Since HTTPS traffic is encrypted between the client computer and the web server, the intent is that no device in between the client computer and the web server should be able to read the encrypted communications. To do so, the HTTPS proxy must <u>pretend</u> to be the client computer when talking to the web server, and it must <u>pretend</u> to be the web server when talking to the client computer (MITM attack). If I'm a patron at your library using your computers and discover that your deliberately intercepting what I understand to be a secure connection between my computer and my bank's HTTPS server...I, uhh, wouldn't be very happy.</div><div><br></div><div>Bottom line, if you think you need a HTTP cache...figure out WHY and maybe talk to OPLIN about it first before you implement an HTTP cache, and especially before you <i>spend money</i> implementing a caching device.</div><div><br></div><div>My 2 cents,</div><div>Chad</div><div><br></div><div><br clear="all"><div><div dir="ltr" class="gmail-m_1560658339905019850gmail_signature"><div dir="ltr"><div>______________________________<br><b>Chad Neeper</b><br><font size="1">Senior Systems Engineer</font><br><br><b>Level 9 Networks</b><br><font size="1">740-548-8070 (voice)<br>866-214-6607 (fax)</font><br><br><font size="1"><i>Full IT/Computer consulting services -- Specialized in libraries and schools</i></font><br></div></div></div></div><br></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Mar 25, 2019 at 1:01 PM Lisa Murray via OPLINTECH <<a href="mailto:oplintech@lists.oplin.org" target="_blank">oplintech@lists.oplin.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div id="gmail-m_1560658339905019850gmail-m_2361590982607115952divtagdefaultwrapper" style="font-size:12pt;color:rgb(0,0,0);font-family:Calibri,Helvetica,sans-serif" dir="ltr">
<p style="margin-top:0px;margin-bottom:0px">Is anyone using CACHEBOX from ApplianSys? Has it speed up web browsing in your library?</p>
<p style="margin-top:0px;margin-bottom:0px"><br>
</p>
<div id="gmail-m_1560658339905019850gmail-m_2361590982607115952Signature">
<div id="gmail-m_1560658339905019850gmail-m_2361590982607115952divtagdefaultwrapper" dir="ltr" style="color:rgb(0,0,0);font-family:Calibri,Arial,Helvetica,sans-serif,EmojiFont,"Apple Color Emoji","Segoe UI Emoji",NotoColorEmoji,"Segoe UI Symbol","Android Emoji",EmojiSymbols;font-size:12pt;background-color:rgb(255,255,255)">
<p><span style="font-family:"Lucida Handwriting","Comic Sans MS",fantasy,cursive;font-size:14pt">Lisa</span></p>
<p>Lisa Murray</p>
<p>Director</p>
<p>Cardington-Lincoln Public Library</p>
<p><a href="mailto:lmurray@cardlinc.org" target="_blank">lmurray@cardlinc.org</a></p>
<p><img class="gmail-m_1560658339905019850gmail-m_2361590982607115952EmojiInsert" alt="1453743275544_PastedImage" src="cid:169b60672453799ef8e1"></p>
</div>
</div>
</div>
</div>
_______________________________________________<br>
OPLINTECH mailing list<br>
<a href="mailto:OPLINTECH@lists.oplin.org" target="_blank">OPLINTECH@lists.oplin.org</a><br>
<a href="http://lists.oplin.org/mailman/listinfo/oplintech" rel="noreferrer" target="_blank">http://lists.oplin.org/mailman/listinfo/oplintech</a><br>
<br>
*** OPLIN now offers a Tier III-rated data center for libraries to use. Find out more: <a href="https://www.oplin.ohio.gov/co-location-service" rel="noreferrer" target="_blank">https://www.oplin.ohio.gov/co-location-service</a> ***<br>
</blockquote></div>
</blockquote></div>