Moving offices, left to me to reconfigure network

I know I've duplicated this from the N&IC subforum and it's a bit of a no-no, but it's probably more suited in here than there (could a mod delete the other thread?).

Anyways, to cut a long story short, we're moving offices and as the previous IT company got given the boot (mixture of stupidly expensive vs. them bodging/not really doing a lot) and with me (software dev) being the only one in the office that knows anything IT, I’ve been punted into the seat of reconfiguring the network :eek:
The current network/server situ looks like this -

[Image: networkold.png]


It's a fairly straightforward setup, granted it currently has issues regarding redundancy/fall over situations, but personally I think it's a bit of a backwards setup created by the IT company with the SBS box (white box server, chugs a bit, could do with replacing at some point) having all those roles, DNS/DHCP (I know SBS likes to be the DHCP/DNS provider), yet not in a dual NIC setup, i.e. WWW -> Router/Firewall -> SBS -> Switch -> Client machines (e.g. something like >this<).
I'm also not hugely convinced with the Cisco router as it has dropped connection a few times (very iffy in our current office), so I’m thinking of replacing that. Obviously wireless is dealt with by the Cisco and the SBS box deals with VPN, which I’ve been told is a bit of a no-no and should be handled by hardware where possible.

Before the questions, requirements - must have wireless access for business phones (and the odd laptop) although this is far from critical (if it failed no one is going to get the chop, just means someone can’t surf the net in the loo etc); must have VPN access for remote access aka for when the MD goes on holiday and needs access to software/DBs; small business setup/no more than 5/6 client machines tops and as usual I have little to no budget to do anything with.

From what I’ve been told, the office building/complex (multiple businesses under one roof) has redundancies in place for power and internet; so that side of things should be taken care of.

Questions -

1) Regarding router/firewall replacement; I was thinking of either the Juniper SSG5 or SRX100 as I know a few people on here rave about them for small business installs (as well as Enterprise). Has anyone had experience setting up either using ScreenOS or Junos OS? Heard Junos OS is a bit of a mare of a learning curve compared to ScreenOS although Junos is a lot more powerful. Otherwise something DrayTek, like the 3300V+, although I’ve heard of a few people having serious issues with them and support is apparently dire. Anything Cisco is well out of budget. Also briefly looked at a WatchGuard XTM 22/XTM22-W as it’s in the same price range as the Junipers but read an iffy review and left it as that. Is it worth looking at again?

2) Would I be better off leaving the network in the same configuration or moving the SBS box to a dual NIC setup? If it's dual NIC'd how would that affect VPN access, would it be better to give the router/firewall that role or leave the SBS box to deal with it?

3) I know you can get the SSG5 in a wireless version but that's over £100 more than the standard SSG5; am I right in thinking I could just slap on a WAP (looking at a £20 TP-Link) to whatever router/firewall we get? In either the current configuration or a dual NIC SBS configuration, where is it best to place the WAP; off the router/firewall or the switch?
As said, wireless is a requirement but it’s not critical; with a limited budget if I can save here I will do as the money saved could be used for something else.

4) Another idea was to replace the server with a new SBS box (been looking at the HP Microserver), new Gb switch, remove the router/firewall completely and get SBS to do everything - wise idea or a bit silly and I SHOULD have a hardware firewall solution before the server? I have a feeling I already know this one :p

5) Anything else I’ve missed, should consider, overlooked etc etc?


There is also an ongoing discussion regarding emails and whether or not we need an Exchange setup for so few people, but it is a mixture of what they've always used and me not finding a suitable hosted Exchange solution that meets our requirements with our budget and Google Apps is well out of the question as the MD thought it was "naff".

Cheers for any help :wave:
 
1) I know you say Cisco is out of budget (and please for the love of god don't let your experience with a LINKSYS product tarnish your view on proper Cisco hardware), but the ASA5505 is easily in budget if the SSG5 and SRX100 are. Nothing wrong with any of the solutions to be quite honest.

2) I'd probably have SBS handle outbound internet traffic (although I'd have the ASA5505 handle teleworker or site-to-site VPNs), and this leads on to 3), having the WAP on the LAN side of the SBS box. As for what WAP to choose, well I guess that all depends on what you want to do with it, if you need it to be "n", and if you want to run guest SSIDs for business visitors? If you do, then I'd look at sourcing a used enterprise WAP, something like the Cisco 1242.

4) Certainly don't have SBS do everything, RRAS is garbage at routing, even Microsoft won't use a Windows box as a router, even if it is in their "best practices" guides.

5) If you already have Exchange licensing (which you do with SBS), I'd not bother replacing it. If you go down the route of replacing SBS, and end up with a fully blown Server 2008 R2 install (and hence no Exchange licensing), then hosted Exchange is the way to go. Even for a small number of users, Exchange > *.*
 