Hi, we are planning to deploy 2 VLAN's in our company.
One VLAN for our normal dekstop/server envoirement and one for the machines we sell and build.
In conjunction to my other post (http://www.experts-exchange.com/Hardware/Routers/Q_21873510.html
i would like to know some more about the PIX version 7 against a layer 3 switch.
As talked about earlyer, layer 3 switches are somewhat more expensive then a memory expension and updating the software on the pix.
A pix OS7 can route between 2 virtual networks, a dmz and the internet.
When the VLAN's have the same security level the traffic can be routed between them i learned.
But what can a layer 3 switch mean for a company? Currently we have a relativly new PBX/Phone system and i don't see a VOIP in the next 5 years or maybe more. maybe there will be an expansion on the PBX to our branch office that allows VOIP over our VPN tunnel, but it wont go any further than that
With the access-lists used in a pix i guess one could set the same rules as i did earlyer for dmz and internet access.
What is different in that view?
i understand the pix isnt't build for inter-vlan routing on large scale, so its speed would be lower than on a router/layer3 switch. it also doenst have traffic prior and so.
What can a layer 3 switch mean in a company network with 2 VLAN's / Subnets?
Furthermore, when one would use a layer3 switch, it acts like a router..
so does the gateway of an endstations also need to point to the address of that switch?
We are now about to buy 3 (3com) switches to make a another 150 ports managed / vlan ready.
the new 3com 4500 family (layer 3) has a nice price against the Superstack 3 Switch 4200 layer 2 family.
3com 4500 50 port - 3cr17562-91 (costs 658 euro)
(layer 3, 8 stackable, 2x GB, 2x SFP, QOS, 8 priority ques, 256 vlan, IEEE 802.1X User login Security)
3com 4250T 50 port - 3c17302 (costs 525 euro)
(layer 2, 4 stackable, 2x GB, 2x SFP, QOS, 2 priority ques, 60 vlan)
using the memory expension and the new OS7 for the pix we can achieve vlan routing.
With 3 50-ports switches would be ready to deploy, won't we!?