Suggestions needed for a budget Firewall and VPN infrastructure with Cisco and Sonicwall equipment
Posted on 2008-06-15
The company where I work is very budget conscientious, except with regards to the IT department, where funds are almost impossible to obtain. Please keep in mind that when answering this question, all the hardware will be bought off Ebay. Also, I am very familiar with SonicOS and fairly familiar with IOS (studying for my CCNP)
We now have a requirement to establish a VPN with a dozen or so warehouses in the US. Traffic over this Site-to-Site VPN will be Active Directory, DNS, Exchange, file sharing and possibly VoIP.
The current infrastructure is as follows: The head office has two internet connections, 5mbit ADSL and 100mbit Fiber which are connected to the WAN and OPT interfaces on a Sonicwall TZ170 with Enhanced firmware. Each of the warehouses have a T1, Cable or DSL and a TZ170 Standard. Most of the warehouses are currently participating in a VPN for VoIP.
I'm concerned that the TZ170 at the head office will not be able to handle all of the traffic from the VPN. Also, the TZ170 has the ability for 10 VPN Site-to-Site connections in the SonicOS (not sure if more can be purchased or not).
I'm thinking that a PIX Firewall of some kind and a 3640 (is a PIX required if the IOS has FW capabilities?), but I'm not sure what exactly to get to ensure the best security, as well as top reliability and performance.
What would you do on a shoe string budget sticking to used Sonicwall and Cisco equipment?