Hi, I need Switches, IPS, Load Balancer and Firewalls. But its hard to find right one.
Device should have at least 24 x 10/100/1000 Base T and + 4 x GBIC/SFP ports.
SFP ports can be filled up with 1000BaseSX, 1000BaseLX or 1000BaseLH.
switch should support IEEE 802.3, 802.3u, 802.3z, 802.3ab, 802.1d, 802.1w, 802.1x, 802.3x.
Backplane capacity should be at least 32 Gbps.
Layer2 and layer3 switching capacity should no less than 38 Gbps.
should support at least 12000 MAC address.
At least 8 x 10/100/1000 BaseT or 4 x 1000BaseX ports should be channelized and let them work as a single port.
I think cisco catalyst 3750 and 3560 are suitable. But couldnt choose which one.
Ability to identify, classify and stop worm, DoS etc. attacks.
Should operate in considering signature based, behavioral analysis and zero day type attacks.
Connectivity : Min 4 x 10/100/1000 ports on device.
Capability of Tracking TCP/IP, ICMP, TCP and UDP traffic.
Detection of protocols anomalies for FTP, SMTP, HTTP, DNS, GRE, etc..
Inline IPS performance should be at least 500 Mbps.
Can be offered as a card on Load Balancer.
Load Balancer Specifications
Ports : Single device should have at least 36 x 1000BaseT port.If single device has not 36 ports then additional switches which has same specs as described above can be offered:
Should manage layer 2-7.
Support 2 millon concurrent connection.
Performance of individual device for data center should have throughput of at least 4 Gbps. Throughput of both devices should have scalibility feature such that without additional box, by the help of licence upgrading devices chould have throughput of 8Gbps.
Devices should support health check.
Required firewall device can be proposed as cards on Load Balancer or seperate appliance but not a system running on a server
If separate device than min 4 x 1000BaseT ports per device.
Individual device should support 100,000 sql transaction per second with 1 Gbps of throughput.
Firewall should work in active-active configuration.
The proposed solution must support at least Oracle, Sybase, MS-SQL databases.
Device should have a learning mode for dynamic profiling capabilities in terms of connecting user, connecting user source ip, operations and queries performed on the database to make a decision of blocking the inconsistent requests to this profile.
If required, one separate management appliance and 1 year renewal and updates should be proposed.
Thank u for helping.