I'm currently doing some research and planning for a core network refresh at one of our branch locations where I'm going to be upgrading our WAN link to a much higher speed and replacing our edge router and distribution switchers.
We are upgrading to a single 250MB Metro-Ethernet WAN link and our network will essentially be providing internet access to around 3,000 âuntrustedâ end users. Additionally, we will have a VLAN for approximately 50 âtrustedâ end users that we wish to operate a router-based IPS, ZBF FW and a GRE/IPSec Tunnel (approx. 10MB Bandwidth). We will have standalone appliances for WAN Optimization and firewalling for the âuntrustedâ users.
From the price-performance standpoint, the ASR series seems to be the best option thus far, but I'd like to get some outside input on the selection of the best device for our application. Due to the nature of our network, we provide internet access to untrusted users that we do NOT filter traffic for. Our past experience shows that the type and âqualityâ of traffic originating from some of our end users can artificially increase the load on our devices running NAT. For example, another location with a 100MB WAN link with a 3845 router experiences a constant 30-50% load during peak hours.
We are currently evaluating the prospects of three different routers:
-ASR 1000 ESP-5GB
I'm open to any input you guys have on our router selection and appreciate your help.