I have to explain the following two situation to my boss (just started here). I need help making my explanation in layman's terms.
1. They have A windows Server 2008 R2 server with 2 onboard NICs. They have a single switch connected. One NIC has the main IP and gateway and is what internet traffic is NAT-ed to. The 2nd NIC has the same gateway and an IP in that subnet and is for other traffic. I know from experience they should not both have gateways even if in same subnet. Why is it bad to have it like this?
2. The same server is connected to a layer 2 switch with no VLANs set up. Connected to that switch is an iSCSI SAN that serves up storage to the server over the 2nd IP. I am failing to explain to them why it is valuable for security and performance reasons why they should either use VLANs or get a separate switch for the iSCSI traffic. They do need to be able to replicate that SAN storage over the WAN so it can't be completely isolated. They are basically using a flat network and the server is getting hosed. They have a 48 port switch with many SANs and many servers all on the same VLAN. They also do replication from that SAN to another SAN in a different city over a trunk. How do I explain that we either need a switch that can separate out the ports into different VLANs and then segregate the traffic or we need to get a separate iSCSI switch?
3. Lastly, Every SAN vendor I've ever worked with has recommended purchasing separate iSCSI HBA cards instead of using the onboard NICs that come with most servers today (ours come with 4 onboard). Again I can't figure out how to explain to them that the HBAs take load off the server's CPU and motherboard.