Cisco Equipments for Enterprise Network

john.dejesus · ‎08-01-2010

In this diagram, there are 15 branch offices. It will be connected using an IPVPN point-multipoint (c/o TELCO) connection. All the branch offices will access the internet via HQ. The servers (Email, Application Servers, Databases and etc.) are located in HQ. My question are the ff:

1. What is the most suitable router that I can use on the HQ that can handle simultaneous traffic (DB, Web, Email, Voice and Internet)? I am thinking of using a VXR with NPE g1. Is there any alternative cisco router that is much cheaper but not compromising my objectives.
3. On the branch offices, would an Cisco 2921 router fit?
4. To handle the switching on the HQ, what is the most suitable series of switches particularly on the data center located in HQ? My plan is to use a 4948 for the servers and for the distribution a 4510R. For the access switches I am planning to use a 2960.

5. On the firewall equipment, I pick the ASA 5500.
6. I want to use an scalable and cost effective cisco equipment that can last 5-10 years.

I hope someone can help me on this. Thank you in advance.

Regards,
John De Jesus

Leo Laohoo · ‎08-01-2010

My plan is to use a 4948 for the servers

Are you running Layer 2 or Layer 3?

for the distribution a 4510R

It doesn't matter. What matters is the Sup card. Besides, if you plan to run 10Gb then 4500 (no matter what Sup card you choose) just ain't enough. 10Gb uplink and the lowest you can find would be 6500 chassis with Sup720.

On the firewall equipment, I pick the ASA 5500.

Which one???

What is the most suitable router that I can use on the HQ that can handle simultaneous traffic (DB, Web, Email, Voice and Internet)? I am thinking of using a VXR with NPE g1. Is there any alternative cisco router that is much cheaper but not compromising my objectives.

What is the bandwidth you are looking for? 7200VXR G2 if you can pull the budget would be suitable.

On the branch offices, would an Cisco 2921 router fit?

What's the bandwidth?

john.dejesus · ‎08-01-2010

1. For the servers, its for layer 2 and layer 3.

2. For the Internet BW its ranging from 30Mbps and above. For a start, the requirement is 30Mbps

3. For the branch offices connecting to HQ, the leased line bw is 2Mbps minimum.

4. For the firewall i pick the asa5550.

Leo Laohoo · ‎08-01-2010

For the servers, its for layer 2 and layer 3.

For Layer 2-only, top-of-the-rack, Cisco un-veiled it's newest switch, the new 2360. It's got 4 10Gbps SFP+ interfaces along with 48 1Gbps ports. Take note that this model will only take SR and ER SFP+.

For Layer 3, the 3750/3750E/3750X would be great. IF you want redundant power, 3750E/3750X is a choice. I believe they are more affordable compared to the 4948.

For the branch offices connecting to HQ, the leased line bw is 2Mbps minimum.

2 Mbps? Gosh, 860/880/890 ISR2 would be a contender. Just make sure you read the data sheet. One of the things to look at are the number of VLANs each supports. The 860 (if memory serves me correct) supports two but the 890 supports up to 12. Another thing to look out for is the number of concurrent VPN tunnels. 860 (being the basic model) I think supports up to 10.

For the Internet BW its ranging from 30Mbps and above. For a start, the requirement is 30Mbps

30 Mbps, 2921/2951 is good.

john.dejesus · ‎08-01-2010

Hi,

2921/2951? Please take note that all 15 branches will connect to HQ?

Thanks,

John De Jesus

Leo Laohoo · ‎08-01-2010

For branches? Sure 2921/2951 would be suitable.

For HQ, I'm no fan of the NPE G1. G2, would be OK.

john.dejesus · ‎08-01-2010

Hi,

1. I am bit confused on what you said about the 4510R. As I checked 4510R is capabale of 10Gb Uplink. There is a SupEnging V-10GE for this. Please clarify further.

- 2 Supervisor Engine V-10GE

- Cisco IOS Software Release 12.2(40)SG or higher

- 2 WS-X4606-X2-E with 10GBASE-LX4 module including the GBIC Card

- 4 WS-X4548-GB-RJ45

- 2 AC Power for redundancy whichever is applicable for all the line cards and Supervisor Engines

Thanks,

John De Jesus

Leo Laohoo · ‎08-01-2010

You are right. The Sup5 can support 10Gb interface and modules. The question is can the chassis push, as in really, really push, 10Gb. The chassis of your choice is a 4510R and not the 4510R-E. The "R" series has a per-slot maximum bandwith of 6Gbps (the "E" is 24 Gbps) and that's HALF-Duplex. This is akin to putting a V12 engine on an Austin Mini-Cooper and take this to the Le Mans 24-Hour race. (How the he77 you are going to fit the driver, I don't want to hazard a guess but I hope you get the idea.)

Even if you happen to upgrade your chassis to a 4510R-E, with 24 Gbps half-duplex ... I still wouldn't recommend you go there.

Cisco Catalyst 4500 Series Chassis
http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps4324/product_data_sheet0900aecd801792b1.html

Cisco Catalyst 4500 Series Supervisor Engine V-10GE
http://www.cisco.com/en/US/prod/collateral/modules/ps2797/ps6033/product_data_sheet0900aecd801c5c66_ps4324_Products_Data_Sheet.html

john.dejesus · ‎08-03-2010

Hi,

What if using a 6500 switch at HQ then all of the branch office will connect to HQ via Ethernet. Is this a better solution over my previous topology?

Thanks,

John De Jesus