Solved

Firewall / Router Solution

Posted on 2007-03-19
4
224 Views
Last Modified: 2013-11-16
Hey gang,

I have a small business that uses an ASP (application service provider) for their main day-to-day duties.  The office staff is about 12 employees, but they also have about 10 remote users (mostly using OWA or RDP).  They are currently using a T1 for internet with 8 channels being used for voice and the rest for data.  Since they’ve migrated to the new app, the internet and application performance has come to a crawl.  Based on the calculations from the ASP on the amount of  bandwidth need per user, they’ve decided to get a 2nd T1 dedicated for the ASP.  

So, the question is, aside from spending $3500 on a Cisco 2821, is there a more cost effective firewall solution that can route all traffic destined for the ASP's IP to T1b, and everything else to T1a?   Would using 2 cheaper firewalls work if made FirewallA the DG, and then put a static route on it that said anything destined for application.aspcompany.com route to internal interface on FirewallB?

Any ideas / recommendations appreciated.
0
Comment
Question by:DMJorgensen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 18753795
Personaly opinion, get two T1's and bond them together.  Makes everybody happer, except the accountants.

A single firewall should be able to handle this easily.  You could either have two "outside" interfaces, one for T1a and one for T1b.  Or a single interface with two sub interfaces.  Either way you still have a static route for the IP address of the application server that points to the router for T1b and leave a default route pointing to the router of T1a.

However, are you getting the $3500 Cisco to connect both T1's?  If so, the the static route would go into the 2821 and you just have the firewall forward everything to the 2821.  The 2821 would then route based on going to the application server (static route) or not going to application server (default route).
0
 
LVL 5

Author Comment

by:DMJorgensen
ID: 18756039
The 2821 will definitly do what I want, but I'm looking for something that's cheaper.  This is a small business that would prefer not to spend the $3500.  Are there chearper firewalls with 1 LAN and 2 WAN ports?
0
 
LVL 57

Accepted Solution

by:
giltjr earned 250 total points
ID: 18756273
You may want to look at the 1841.  I think it is about US$1,500.
0
 
LVL 25

Assisted Solution

by:Cyclops3590
Cyclops3590 earned 250 total points
ID: 18758326
personally I'd go with an ASA 5510.  It can easily handle what you want and for about $2000.  And please correct me if I'm wrong, but for some reason I believe the SmartNET is about $500-$600.
Default license enables 3 interfaces (plus mgmt int).  So you can have your lan and app networks.
Supports vpn very well, and gives you plenty of upgrade options, IPS module, SSL VPN, etc.
At least that's the way I'd go.
0

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question