-1

Can anyone offer any suggestions on the best switch and firewall to use with Dell PowerEdge servers that are co-located in a Data Centre Half Rack? I'm looking at potentially a Cisco ASA5510 Firewall with a Cisco SG300-20 Switch. Any thoughts/comments/experience?

My other question is, possibly very obvious, but im assuming that the main network feed into the rack goes into the Firewall, then the firewall into the Switch, and the switch through to the various servers? Am i correct in that?

TIW
  • 117
  • 1
  • 7
  • 3
    Best is a subjective term. "Mine is the best". "We have the best burgers in town." "You're the best!". Why not give us some idea of your implementation and architecture (web, email, database, expected volume of switch and WAN traffic, user count, etc., etc.) and we'll try to formulate some intelligent recommendations for you. – joeqwerty Sep 13 '11 at 17:56
  • Please provide you budget, and the expected level of redundancy you are looking for, as it will help. – Doon Sep 13 '11 at 17:59
  • 2
    @Doon "Where not otherwise specified, budget is unlimited and desired redundancy is N+N, geographically and topologically distributed" (I forget the company but that was on someone's quote generator a few years back.) – voretaq7 Sep 13 '11 at 18:01
  • @voretaq7 Nice. I need to remember that next time I get to quote something... – Doon Sep 13 '11 at 18:02
  • 1
    See this question for details about switches http://serverfault.com/questions/2219/what-should-i-pay-attention-to-when-im-buying-a-network-switch – Zoredache Sep 13 '11 at 18:05
  • @Doon The hard part is getting them to pay the invoices. – voretaq7 Sep 13 '11 at 18:05

1 Answers1

2

What's the best kind of switch to use? The kind that meets your requirements (speed, throughput, number of ports, etc.). Remember to allow room for expansion (spare ports).
What's the best kind of firewall to use? The kind that meets your requirements (speed, throughput, VPN termination, number of concurrent sessions, etc.)
In both cases nobody ever got fired for buying Cisco, and very few people have ever been questioned for buying Juniper Networks gear either. You can (and should) work with your vendor to spec appropriate equipment.

Your other question you've already answered: Your ISP's connection goes to the firewall (WAN), and the firewall connects to the local switch (LAN) - All traffic should be funneled through the firewall.
Other configurations are possible, but this is the simplest, most common, and IMHO best if you have any uncertainty about how to set things up (it reduces the chance of accidentally exposing systems on the internet).

voretaq7
  • 79,345
  • 17
  • 128
  • 213