?
Solved

Should I go with a router or a switch?

Posted on 2008-11-01
8
Medium Priority
?
307 Views
Last Modified: 2010-04-21
We have a datacenter and are getting our internet connection from a vendor in the datacenter.  The question is, do I want to get my own router (Cisco) or should I just take an ethernet drop and plug into a Catalyst L3 switch?  What are the benefits of having my own router?  I've historically plugged into a L3 switch.  Just looking for what the benefits are for either solution.
0
Comment
Question by:wbrooksjr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 4

Expert Comment

by:zack4x4
ID: 22859794
If you are getting a totally unfirewalls unfiltered internet connection from the vendor in the datacentre I would tend to want to put a good cisco firewall before my servers.  However if you are happy with their firewall setup and you feel it's secure you can just get a switch.
0
 
LVL 10

Expert Comment

by:ampranti
ID: 22859798
Internet connection is usually plugged to a router , which is the outside zone of the firewall..
Firewall then filters the traffic.

By plugging on a L3 switch (probably the inside LAN) you are exposed to potential security risks.

However, is it MetroEthernet and you are usinga MetroEthernet Switch ??


0
 

Author Comment

by:wbrooksjr
ID: 22860111
I will have a firewall (Cisco ASA) before my servers.  What benefits do I get putting a router in front of it versus just taking an ethernet drop and connecting to my firewall?
0
Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

 
LVL 28

Accepted Solution

by:
batry_boy earned 500 total points
ID: 22860178
In your scenario, you won't get much added value by utilizing a router in front of the firewall.  If you had multiple public IP blocks you were wanting to advertise public services for, e.g. ftp server(s), web serves, mail servers for different customers or organizations that were sharing this same Internet connection, then you would need to segment that address space with a router or L3 switch.  Another reason you may want a router in front is to terminate WAN media types other than Ethernet, for example a T1 or ATM.  Since your firewall or a L3 switch will only do Ethernet, you would need a router to terminate the connection in those cases.

However, it sounds like the termination is already being handled for you and you are just being handed an Ethernet drop.  In this case, I think you're firewall would be just fine by itself.
0
 
LVL 5

Expert Comment

by:devangshroff
ID: 22860533
Its recommnded you should go for Router , as its a pure L3 device , in future expantion , router will help , in routing.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 22861226
>What benefits do I get putting a router in front of it versus just taking an ethernet drop and connecting to my firewall?
None. Zero. Nada.
A router in between the ethernet handoff from the colo and your ASA firewall serves no purpose. Plug the feed directly into the ASA.
0
 
LVL 10

Expert Comment

by:ampranti
ID: 22861235
I will have a firewall (Cisco ASA) before my servers.  What benefits do I get putting a router in front of it versus just taking an ethernet drop and connecting to my firewall?

If you have a firewall you will not get any additional benefits.
You can use a switch (an unmanaged L2) just in case you want to connect temporary a device before firewall for testing purposes or troubleshooting.

0
 

Author Closing Comment

by:wbrooksjr
ID: 31512430
Thanks.  Your solution was the most informative and concise.  Thanks again.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This tutorial will go through the steps required to write a script that will back up the configuration settings of a HP-ProCurve switch. You will need to get the following things to follow this tutorial: Telnet Scripting Tool e.g. TST10.exe …
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question