Cisco 1811 Replacement

Hello All!

We currently have a Cisco 1811 Router that routes traffic to other devices usually firewalls (ASAs, etc) as each network is pretty separately managed by other service providers.  At the current time, we have a 100 Meg pipe so it's works for us.  Now that we are considering upgrading to a 1 Gig pipe (possibly 10G) to handle our future traffic needs (and it is actually cheaper for us),

We can always look at the 1920 but I am also trying to think outside the box.  I am currently looking at Meraki appliances (we have Meraki switches) but i'm not sure if they are the best fit for us.  We like the idea of it being cloud based, simplistic and easy to use.  

Is the Meraki appliance overkill?  Any other suggestions?
Edward ChoManaging Exciting Technology ThingsAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Garry GlendownConsulting and Network/Security SpecialistCommented:
Depending on your actual requirements, of which you wrote very little, the recommendation will vary quite a bit ... what does the router actually do? Do you do just plain static L3 routing on the device, or do you run any routing protocols? What interfaces (and number) do you need? Do you do any ACLs etc.? Also, 1G and 10G will make a big difference, especially money-wise ... ;)
Edward ChoManaging Exciting Technology ThingsAuthor Commented:
- Right now, it only does static L3 (nothing else).  If it does more, then great!  
- 1 (or possibly 2) WAN Interfaces + 4 Eth Int
- No ACLs as I think the firewalls after the router can handle that.
- We can stick with 1G

Garry GlendownConsulting and Network/Security SpecialistCommented:
Any current (any just about every older) Cisco router also handles dynamic routing, but depending on the type the models will vary on your requirements (e.g., just using a dynamic default route can be handled by small routers, whereas a dual full bgp feed would require something a bit bigger)

Depending on your data transfer profile, something like a 1921 or 1941 with an additional EHWIC-4ESG module may already be sufficient for your needs. They range in the area of 2.5Gbit throughput based on RFC-2544 tests. Anyway, please be aware that once you start adding features like ACLs or IPSEC, performance will be WELL below that ... their silicon does fine with CEF forwarding, but if they have to do stuff with the CPU, they're quickly hosed ...

Check this document for some "real life" values:
The IT Degree for Career Advancement

Earn your B.S. in Network Operations and Security and become a network and IT security expert. This WGU degree program curriculum was designed with tech-savvy, self-motivated students in mind – allowing you to use your technical expertise, to address real-world business problems.

If you're just routing and not doing any security functions, nat, bgp or any advanced routing, you might look at a layer3 switch like the cisco 3560CG 8 port switch. There is also a model that has a 10G uplink.
Meraki doesnt do routers, but you could use a MX scurity gateway to do basically the same thing, or even one of their layer3 switches.
Garry GlendownConsulting and Network/Security SpecialistCommented:
Apart from that - if your WAN links are ethernet based (which I assume as SDH-based links are finally being phased out most everywhere), what about just hooking up your WAN to your firewall? Is there anything your router is doing that your firewall can't?
Edward ChoManaging Exciting Technology ThingsAuthor Commented:
From the router, it goes to 4 separate firewalls that I don't manage (except for 1 ASA).  

The ISP is providing me with 1 SFP transceiver port or 1 RJ45 Gigabit port for the 1G connection.  1 SFP+ transceiver port for 10G connection.
Garry GlendownConsulting and Network/Security SpecialistCommented:
If you do need a 10G port, any Cisco router will most likely be overpriced, at least unless you need stuff like full BGP table etc.
AS for 3560CG, I don't see a version that has SFP+ ports ... you'd have to go with the "regular" 3560X models that have an extension slot, which you can then put the 1G/10G network module in ...
The smallest 3560X with module will probably run in the 5k$ range, which is about the same area as e.g. 2960XR-24TD is; it too is able to do L3 routing ...

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Edward ChoManaging Exciting Technology ThingsAuthor Commented:
Yes -- i'm now thinking/leaning towards a 1G connection with 3560CG-8TC-S.  It seems to be the most cost efficient.  

I could get a Meraki MX400 appliance but that seems to be overkill (plus $$$).
Garry GlendownConsulting and Network/Security SpecialistCommented:
A possible alternative in the 1G area might be picking up a FortiGate 60D ... it has a combined throughput of 1.5Gbps, 10 1G ports (7 of which can be used either as a HW switch or separate 1G ports), and while it may be overkill to use a firewall in front of your firewalls, it may turn out to be cheaper than the Cisco switch ... plus it has a nice web frontend ;) No need to get the bundle, the base HW does everything you need, even including OSPF/BGP routing and all firewall features (actually everything except dynamic stuff like AV/webfilter or IPS)
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.