Solved

Firewall / Router Solution

Posted on 2007-03-19
4
225 Views
Last Modified: 2013-11-16
Hey gang,

I have a small business that uses an ASP (application service provider) for their main day-to-day duties.  The office staff is about 12 employees, but they also have about 10 remote users (mostly using OWA or RDP).  They are currently using a T1 for internet with 8 channels being used for voice and the rest for data.  Since they’ve migrated to the new app, the internet and application performance has come to a crawl.  Based on the calculations from the ASP on the amount of  bandwidth need per user, they’ve decided to get a 2nd T1 dedicated for the ASP.  

So, the question is, aside from spending $3500 on a Cisco 2821, is there a more cost effective firewall solution that can route all traffic destined for the ASP's IP to T1b, and everything else to T1a?   Would using 2 cheaper firewalls work if made FirewallA the DG, and then put a static route on it that said anything destined for application.aspcompany.com route to internal interface on FirewallB?

Any ideas / recommendations appreciated.
0
Comment
Question by:DMJorgensen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 18753795
Personaly opinion, get two T1's and bond them together.  Makes everybody happer, except the accountants.

A single firewall should be able to handle this easily.  You could either have two "outside" interfaces, one for T1a and one for T1b.  Or a single interface with two sub interfaces.  Either way you still have a static route for the IP address of the application server that points to the router for T1b and leave a default route pointing to the router of T1a.

However, are you getting the $3500 Cisco to connect both T1's?  If so, the the static route would go into the 2821 and you just have the firewall forward everything to the 2821.  The 2821 would then route based on going to the application server (static route) or not going to application server (default route).
0
 
LVL 5

Author Comment

by:DMJorgensen
ID: 18756039
The 2821 will definitly do what I want, but I'm looking for something that's cheaper.  This is a small business that would prefer not to spend the $3500.  Are there chearper firewalls with 1 LAN and 2 WAN ports?
0
 
LVL 57

Accepted Solution

by:
giltjr earned 250 total points
ID: 18756273
You may want to look at the 1841.  I think it is about US$1,500.
0
 
LVL 25

Assisted Solution

by:Cyclops3590
Cyclops3590 earned 250 total points
ID: 18758326
personally I'd go with an ASA 5510.  It can easily handle what you want and for about $2000.  And please correct me if I'm wrong, but for some reason I believe the SmartNET is about $500-$600.
Default license enables 3 interfaces (plus mgmt int).  So you can have your lan and app networks.
Supports vpn very well, and gives you plenty of upgrade options, IPS module, SSL VPN, etc.
At least that's the way I'd go.
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses

631 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question