Integrated 16switch in VPN Router

Associate
Joined
26 Mar 2003
Posts
1,194
Location
UK
Hi there,

I am currently planning a small network between two offices for a local company.

At office A they have upto 15wired clients and 10wireless currently connected via a 24port switch which also has a wireless access point connected to it. With a ADSL connection to the 24 port switch providing internet.


At office B there are 3 wired hosts and 2 wireless connected in a similar arrangement to above. (I.e. a ADSL connection to the switch etc.)

My question is are there any advantages to have the following configuration opposed to the configuration below it? Many thanks in advance.

Internet Connection-->ADSL MODEM-->VPN ROUTER-->24port Switch-->Hosts

Internet Connection-->ADSL MODEM-->VPN ROUTER WITH BUILT IN 24Port Switch-->Hosts

The VPN routers with only a 4port switch built in are obviously a lot cheaper than those with the built in 24port switches are there any major advantages in terms of speed, performance, and features that an integrated solution would provide?

Many thanks..
 
Caporegime
Joined
16 May 2003
Posts
25,368
Location
::1
Other than it'll be easier to get a router and a 24 port switch separately than the two in one?

Other than that, there's no advantage (unless the internet connection's faster than the connection between the switch and the router).
 
Soldato
Joined
27 Feb 2003
Posts
7,192
Location
Shropshire
Where an integrated firewall (VPN etc) and switch, like the SonicWall Pro 1240, comes into it's own is in a shared building (IMHO).

I've got one out in the field and using the firewall rules, I can segment the network for each tenant in the shared office. Thus Company A can't see Companies B,C or D and vice versa but they can all share a single ADSL connection. Each company has their own IP range, DHCP server etc so it's a self contained network and all run by the firewall :cool:

I'd go with tolien and say run seperate components as you should win that way on cost.
 
Caporegime
Joined
16 May 2003
Posts
25,368
Location
::1
Surely you could do that with a separate switch and VLANning (okay you can't do that with $genericConsumerSwitch, but you don't generally get consumer type switches with 24 ports)?
 
Soldato
Joined
27 Feb 2003
Posts
7,192
Location
Shropshire
Yup, VLANing would deliver a similar level of basic segmentation. The SonicWall comes into it's own on the bells and whistles. As the NAT and firewall policy is so granular, I could open a single port between segments if required.

Also, as the tenants are small businesses, quite a few of them don't have a server, so the ability to give each segment it's own DHCP server is great. It's possible to rate limit on each individual port to stop one tenant hammering the ADSL.

I can also provide client VPN access from the outside world and via the "zones" you create, I restrict which zones the incoming user can get to (ie only their segment of the network) on a per user basis.

A VLAN switch would be a cheaper solution, given the Pro 1240 with SonicOS Enhanced is over £1500 (IIRC).
 
Back
Top Bottom