Solved

Secure network foundation

Posted on 2011-09-21
Last Modified: 2012-05-12
I am trying to complete this network solution build. The network consists of:
8 Mb SHDSL from the ISP > Cisco RV042 > (4x) Cisco SF-200

The goal is to supply connectivity for the property staff (local & VPN) and guests/residents (wired/wifi). I am considering swapping the RV042 for a Cisco 871 and adding a Cisco 5520 ASA. Any recommendations?

Also, some residents carry their own WRTs etc.; how do I effectively reduce any side effect of this?
0
Question by:CliffordJ
9 Comments
 
LVL 15

Expert Comment

by:The_Warlock
It looks like your top line has the capability to achieve what you want to do for your build. Although I'm not sure how many users you are talking about, the RV042 has a decent set of firewall options available for your VPN setup. Furthermore, I'm not sure which SF model (24 or 48) you have, but it should allow you enough for future capacity on users.
If some users have their own SOHO type equipment, then it would be best to use an IP address scheme other than the typical "192.168.0.0" network in your equipment so as to avoid VPN issues for your remote users. Hope this helps.
0
 

Author Comment

by:CliffordJ
I am using sf-200 24's and 48. The property has about 60 rooms, plus a desire to implement wifi at key locations.
0
 
LVL 26

Assisted Solution

by:Soulja
Soulja earned 125 total points
Is this a free service you are offering to the 60 rooms? This is the only reason I can understand using low grade equipment for this solution. 8mb internet connection for 60 rooms? That is not even worth providing. You really need to up that pipe drastically. I don't see a reason for you to add a firewall and a router. Do one or the other.

I would get at least a 2800 series Cisco router, i.e. 2811, or just the ASA. If router, just use the Zone Based firewall feature set.
The switches may suffice for your purposes, but even 2960's would be better.
I would definitely increase the Internet to the highest you can get within your budget, as it seems that this solution is for using that connection.

Also, get some decent AP's. I personally like the Cisco WAP 4410n's.
0
 

Author Comment

by:CliffordJ
Waited for someone to comment
0

Accepted Solution

by:
CliffordJ earned 0 total points
I had to find my own solution; using a Cisco 2800 router would allow L3 network control and capabilities. Separate VLANs for voice, data, guest, and admin. Additional VLANs can be added for expansion.

Such a solution does indeed need a serious bandwidth source to accommodate for demand. Free or not, supply creates demand and demand requires supply.

For tight budgets, Cisco offers metro and service provider grade equipment on their SMB product line also. I recommend others not to make the mistake of taking on a project without first verifying that the client is just as committed as the contractor, otherwise you get scraps for your budget and a mission impossible.
0
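The VLAN split from the accepted solution combined with the earlier advice to stay off the typical "192.168.0.0" addressing, as an added example that is not part of the original thread. The parent blocks, the /24 size per VLAN and the short list of consumer-router defaults are assumptions chosen for illustration.

```python
import ipaddress

# Illustrative, not exhaustive: LAN ranges often shipped as defaults on
# consumer routers (constructed list, an assumption of this example).
SOHO_DEFAULTS = [ipaddress.ip_network(n) for n in (
    "192.168.0.0/24", "192.168.1.0/24", "192.168.2.0/24", "10.0.0.0/24",
)]


def plan_vlans(parent, vlans, prefixlen=24, avoid=SOHO_DEFAULTS):
    """Give each VLAN the next subnet of `parent` that overlaps nothing in `avoid`."""
    parent = ipaddress.ip_network(parent)
    free = (s for s in parent.subnets(new_prefix=prefixlen)
            if not any(s.overlaps(a) for a in avoid))
    plan = {}
    for name in vlans:
        try:
            plan[name] = next(free)
        except StopIteration:
            raise ValueError(
                f"{parent} has no conflict-free /{prefixlen} left for {name!r}"
            ) from None
    return plan


def vpn_conflicts(plan, remote_lan):
    """Return the VLANs whose subnet overlaps a VPN user's home LAN.

    An overlap means the remote client treats those site addresses as local
    and never sends the traffic into the tunnel.
    """
    remote = ipaddress.ip_network(remote_lan, strict=False)
    return sorted(name for name, net in plan.items() if net.overlaps(remote))


if __name__ == "__main__":
    vlans = ["voice", "data", "guest", "admin"]  # VLAN names from the accepted solution
    site = plan_vlans("172.20.0.0/16", vlans)
    for name, net in site.items():
        print(f"{name:6} {net}  gateway {next(net.hosts())}")
    # A staff member connecting from home behind a router on 192.168.1.0/24:
    print("conflicts:", vpn_conflicts(site, "192.168.1.23/24"))
    # The same check against a site numbered on the usual defaults:
    naive = plan_vlans("192.168.0.0/22", vlans, avoid=())
    print("conflicts:", vpn_conflicts(naive, "192.168.1.23/24"))
```
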
 

Author Comment

by:CliffordJ
I've requested that this question be closed as follows:

Accepted answer: 125 points for Soulja's comment http:/Q_27319242.html#36574029
Assisted answer: 0 points for CliffordJ's comment http:/Q_27319242.html#36921876

for the following reason:

There were a couple key points that were left unanswered and I have mentioned in brief.
0
 
LVL 26

Expert Comment

by:Soulja
Object to closing comment of author and point assignment. The key points he mentions as "left unanswered" were never in his original question or asked until his final posting. I recommended the 2800 router, which the author states he is using, so he did not "find his own solution".
0
 

Expert Comment

by:South Mod
All,
 
Following an 'Objection' by Soulja (at http://www.experts-exchange.com/Q_27383522.html) to the intended closure of this question, it has been reviewed by at least one Moderator and is being closed as recommended by the Expert.
 
At this point I am going to re-start the auto-close procedure.
 
Thank you,
 
SouthMod
Community Support Moderator
0
