Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
299
Views
0
Helpful
2
Replies

Upgrade server farm advice

pollux1234567890
Level 1
Level 1

‎11-27-2006 10:22 AM - edited ‎03-03-2019 05:25 AM

We would like to upgrade our network(see before.gif) that supports our server farm(about 25 servers made). Mostly web and SQL databases.

Currently we have 2 2811 routers running BGP. Each is connected to a different ISP; one via T1, the other via FastEthernet 100Mb.

The routers are then connected to an unmanaged switch(100Mb). The unmanaged switch is then connected to a Checkpoint firewall.

The firewall is then connected to a second unmanaged switch. The servers are connected to this switch.

As you can see there is no redundency besides the edge routers.

Most importantly we would like to add redundency, increase the speeds, use vlans to seperate the servers.

The 6500 route is a little to expensive. We were thinking a pair of 3760 switches that will connect directly to the firewalls(see after.gif).

Advice? Suggestions?

Thanks,

Labels:
Preview file
3 KB
Preview file
3 KB
0 Helpful
2 Replies 2

Sureshdank
Level 1
Level 1

‎11-27-2006 08:43 PM

The after.gif is a good network design.

Planing redudancy at edge i.e. routers is a good idea. But according to your network design you need to configure GLBP if you want to use both T1 links.

But when comming to firewall redundancy , I think its not ok., due to checkpoint licensing costs. If you has either pix or any other low cost firewall then it would'nt have been an issue.

Comming to switch part you can take good switch like Cisco 3750 or Cisco 3560 and perform NLB on your servers by connecting multiple ports. That will increase the speed and redundancy can also be achived.

Hope that helps.

Regards

Suresh Jain

0 Helpful

pollux1234567890
Level 1
Level 1
In response to Sureshdank

‎11-28-2006 12:50 PM

Thanks!!! It really boils down to 2 sets of options which are indirectly related. Any more advice???

Option 1:

Add a second Checkpoint firewall for redundancy.

or

Option 2:

Scrap Checkpoint and go with 2 PIX(or ASA).

and

Option A:

Have the PIX/ASA/Checkpoint firewall deal with the VLAN Routing/Security and use Layer-2 switches to connect the servers to the firewall

or

Option B:

Purchase Layer-3 switches for VLAN Routing/Securing

0 Helpful
Customers Also Viewed These Support Documents