Switching to cisco worth the money?
Comments
-
Deathmage Banned Posts: 2,496
Current setup for ~30 local workstations at a 24/7 company, with 2 replicated servers, 1 remote backup server, 1 remote location:
Unknown router but it's not Cisco, it's a white blade that's ISP installed. I think this might be a leased line running to the remote location.
Cable modem running into white blade
2 Sonicwalls
3x 24 unmanaged gbit switches
Is it really worth spending $1000's replacing this?
There are 5 different departments so I thought VLANs might be a big advantage but I can't explain it well enough. Lack of QoS isn't a problem, I don't think; there are no network congestion issues and the remote backup will happen in off hours. External security is a concern but not internal. For example, the server closet door is usually open, for cooling, with a terminal on all the time, but only 3 people know what to do with it and they've never had an issue. I'd like it for Cisco knowledge, which is a bit selfish, but I realize the company would much rather save money.
1st off, get that server room door secured. I've dealt with way too many people that knew enough to cause problems and unplug a router or server. Here is a fine example with your unmanaged switches: say a curious user, let's call him Joe, walks into the server room and sees a dangling Cat5e cable hanging from the switch, and being the helpful person that Joe is, he plugs it into the switch thinking he's smart and walks away. You're out to lunch; within about, oh, probably 15 seconds every computer on the network will lose connectivity (congratulations, you've won the Spanning-Tree Award) and you get a phone call from your boss screaming. It's really not worth the trouble of a $5 lock! ... trust me I know!!!!! ...it happened to me 3 days on the job at my IT manager position 4 years ago!!! I went to Home Depot myself and bought the lock and did it myself!
Is there an HVAC system in place? If not, that's worrisome to say the least. 70 degrees with a humidity of 18% can be a problem; if that equipment runs hot it will have a performance tick on the overall feel of the network. You see, when there is humidity and dust in a server room you run a very high risk for static discharge. I worked in a paper plant and it was always dusty; computers would die all the time. Humidity+warmth+dust = static discharge and bam, electronics are goners. An example: I used to have 10 HP 8150dn printers in reserve at all times since static discharge was the number one culprit; it was more cost effective than keeping the plant clean. At $1500 each I never understood the savings... then again my IT budget was $750,000 a year.
VLANs aren't really needed for such a small operation. You really need to look at the unmanaged switch and see what the backplane is on them to really gauge if they should be replaced. You would want 120 Gbps minimum of 24 port switches (some may say 1.5 but I do 2.5, it's really what you're comfortable with in terms of future growth); I normally go by this equation (1000 for gigabit and 100 for fast Ethernet): 1000 x 2 x [total ports] = Y, then times this by 2.5 for growth. Now, thinking about this for a second, VLANs would be helpful if they replicate during the day, when sites and services replicate (but that traffic is dismal honestly), and lastly if they have printers send huge ars AutoCAD prints then it would be helpful. I used over 15 VLANs across (3) /23 subnets being used by 6 Corrugator vendors and boy did that network purr like a kitten; I never once had contention of network resources. Hence why I love HP Procurves!
Now if the remote backup server is doing backups at all during the day, then this would be a fine example of use for a VLAN and the need for a higher backplane; if it's not running during the day (and I hope it's not) then you should be fine.
Two Sonicwalls seems a bit excessive; are they in Heartbeat HA mode? One thing to also ask: how many concurrent VPN tunnels are being maintained at their peak usage? ... that would be something to consider if speed is becoming an issue that users are complaining about, especially if on-site users are doing internet surfing for pleasure or work which is dependent upon the Public IP-facing down/up pipe. If those Sonicwalls have Content filtering, make sure Social Media is blocked; if it's not and someone streams Youtube or a website with a high-caching media stream it will tank your IP-facing pipe. I used to be a Sonicwall freak at my last job. I used to get kicks out of blocking all of the 800+ Wyse thin clients from accessing anything but www.google.com; everything else would say "Access Denied, call your Sonicwall Administrator". Used to give me a chuckle all the time seeing those ants try for hours to break down my wall!
As far as QoS is concerned, do you use any video conferencing in your conference room (an example is Lifesize, if you have one) or VOIP phones? Those can suck a LAN down to a crawl. QoS would be really helpful for your failover T1 lines in the event of a disaster, so that certain traffic has a priority, like say phone calls if you have a POTS line channel on the T1 in case of emergencies for like an auto-attendant phone system.
However without knowing the backplane and if there is no real issue to report, why fix anything? I wouldn't touch it, unless there is a problem.
Also if JOAT's is something you want, get your Network + and Security + soon, I miss being a JOAT's it was a ton of fun. I learned pretty much everything IT has to offer in 4 years and boy was it a ride. Loved every second of it, best of luck to you!!!!! -
powmia Users Awaiting Email Confirmation Posts: 322
I only had to read the title to tell you that the answer is NO.
-
techfiend Member Posts: 1,481 ■■■■□□□□□□
I'm doing all I think I can do to get the door closed. We have a keyed door handle ready to go in but some are concerned about the rising temperature and the CEO doesn't want to put in a separate a/c unit, which they already have, in the closet. Dust is another big reason we want to get the door closed. A foot away from the closet is a regularly used door to a dusty warehouse. As much as I'd like to put the handle on myself it would come with repercussions. It's been about 2 weeks since I've inquired about it, maybe I'll ask again. The CEO is very proactive in the company and he was the IT support guy for years.
They have HVAC and the thermostats are set to 69F; there are very few returns so the heat has nowhere to go. I've been cracking open the ceiling tile in a few places and it's really made a difference in the office, unfortunately not in the closet.
VLANs probably aren't needed but I can see my idea of folder redirection, if it gets approved, VLANs could help because they want to keep 2 departments separate of the others, but this can be done with permissions and they won't spend money on it. The main and secondary servers will replicate 24/7, they plan on using a crossover cable for this; the third remote server will replicate after hours. I've been pushing failover and they like the idea but they don't know how the server licenses will work with the VMs yet. Current plan is 3 servers with 4 2013 esxi VMs and they hope to run it with 3 standard licenses. I doubt it will work but I've also suggested they could probably get away with 2 VMs on each server, one intranet and the other internet facing. It's putting a lot more eggs in one basket but there would be a hot backup almost all the time. If main goes down, the remote server is less than 24 hours old and only a 5 minute drive or a short upload. Backups are done every night during off hours.
Only one sonicwall is attached but the other is ready to be plugged in, if needed. Heartbeat mode sounds interesting, would that be preferred in this situation? Personally, outside of the little printer work, sonicwall is my least favorite part of the job so far; the interface is a mess. Today I was trying to find some hidden services I mistakenly set up through the public server wizard; after 30 minutes I still hadn't found them. They aren't in the services page, any ideas? At times streaming is actually required; we use generic p**n, gambling and malware list blocking in the content filter but that's it. Personal internet usage is fine as long as it's not p**n, gambling, illegal or job sites. There are employees that sit on social networks and/or game in the down times and it's fully accepted.
Phone is POTS but IT has been pushing for voip for years. The call quality is terrible at times and half the staff spends most of their days on the phone. The owner has a weird phobia where he wants to spread out the forms of transmission in case of a disaster. Internet is cable and satellite, phone is phone line. The remote office is on cellular internet and it's recently become an issue with the remote security cams. Skype is rarely used in the conference room and one employee uses it on occasion but never had issues with it. They are thinking about doubling download and quadrupling upload for twice the money when they start the remote server. I can see how QoS can be very helpful in these situations but the lack of voip, rare video conferencing and remote transfers only on off-hours make it less so. Also sonicwall has QoS I think; I'm amazed at how much that little box has packed inside of it actually. Dell really should put some good GUI designers behind it and the CLI needs a lot of work; unfortunately they are a hardware company.
I don't mind being a JOAT currently but eventually want to work mostly on linux, cisco and/or vmware command lines. Currently my days are spent mainly doing server cleanup and troubleshooting. I try to do it with cli where I can but try to avoid powershell; it feels more like a programming language than a command line or scripting language. An occasional support issue comes up, which I don't mind now because it's almost always something new, but I can see myself growing tired of it in a few years, when it's often the same things over again.
I plan on getting Network+ and am pretty much test ready, then I plan on moving on to 2012 MCSA since I'll be helping migrate over to it within the next few months and a lot of my job will be spent on 2012. Then moving on to the other certs in the wgu net admin track, not sure when I'll take the Sec+. Now that I'm working in the field I don't see any use in knowing the A+ and most of the N+ material. Do S+ and other comptia's give a broad spectrum that aren't very useful on the job and more just something to put on a resume to show some knowledge?
2018 AWS Solutions Architect - Associate (Apr) 2017 VCAP6-DCV Deploy (Oct) 2016 Storage+ (Jan)
2015 Start WGU (Feb) Net+ (Feb) Sec+ (Mar) Project+ (Apr) Other WGU (Jun) CCENT (Jul) CCNA (Aug) CCNA Security (Aug) MCP 2012 (Sep) MCSA 2012 (Oct) Linux+ (Nov) Capstone/BS (Nov) VCP6-DCV (Dec) ITILF (Dec) -
crazychrono100 Member Posts: 30 ■■□□□□□□□□
The reason for getting Cisco switches and routers is the advanced features and reliability they provide. The reason Cisco equipment costs so much more than the competitor is because of their software (ios now nx-os). They spent a lot of money on developing this software and there are advanced features that they have implemented in their products. For the most part many other vendors have the same basic features as Cisco and work just as fine in a SMB environment.
-
Priston Member Posts: 999 ■■■■□□□□□□
@crazychrono NX-OS did not replace IOS. They are 2 separate product lines.
A.A.S. in Networking Technologies
A+, Network+, CCNA -
Magmadragoon Member Posts: 172 ■■■□□□□□□□
Techfiend, I think the first thing you should do is figure out how things work for the company's network first. You said you've only been in IT for the last 2 weeks and want to make a bunch of changes right away including changing the whole network over. That would be red flags for me in an instance in any industry. Did the person before working with the company leave any documentation? If so, try reading that to gain some knowledge of how the system ran before you were hired. Trying to figure out ways to save money can be good but have a plan of action if things go wrong.
In my opinion, I would be very wary of approving a whole bunch of network equipment purchases without data backing up the justification of the cost and reliability of the system. It almost sounds that you need to learn about networking before even attempting to propose changes like that. Cisco equipment is not plug & play and things work just great. I know for a fact with my employer, it would be rejected in an instant. -
crazychrono100 Member Posts: 30 ■■□□□□□□□□
@priston Yup you are correct they are indeed two separate product lines. I meant to say "ios and nx-os".
-
techfiend Member Posts: 1,481 ■■■■□□□□□□
First I've heard of nx-os but I agree they spend a lot of money hiring smart, common sense employees to design the cli and it really shows. Probably my favorite cli out there with bash a close second. Microsoft should take notice.
While I never pushed them for cisco equipment, I asked twice if cisco would be an option before I started this thread; it was a quick no both times. It was mainly enthusiasm and naivety on my part to think of cisco hardware than anything else. The purpose of this thread was to get good reasons to switch and still no one has come up with anything. Good to learn that buying cisco isn't something some SMBs do, although I have interviewed with smaller companies that have cisco equipment. Except for a topography map, the network isn't well documented but outside of the servers it's not very complicated. Basically servers and workstations plug in to unmanaged switches along with a sonicwall that acts as a router, then the 2 isp links. The servers will be redone soon and I'll make sure to well document them, I'm really excited to get going on this.
-
gorebrush Member Posts: 2,743 ■■■■■■■□□□
There are plenty of good answers in this thread. I think the problem is, they weren't the answer that "you" were looking for, imo.
Cisco gear is expensive because of the features they provide. I worked in an SMB where unmanaged switches, whilst cheap and pretty basic - did the job well. The network from a security standpoint was rubbish because everything was in one flat VLAN which was basically spanned across 5 x 48 port gig switches to all clients - but it didn't matter to the company that I worked for.
When I moved on to a place that had Cisco VoIP - well that in itself needs switches for the VLAN capability. We had PoE switches too - and 2 x CallManager boxes. $$$!
Trying to move a company from POTS to VoIP is expensive - no two ways around that one... -
techfiend Member Posts: 1,481 ■■■■□□□□□□
Right, there are good answers on why cisco is heavily used, just not one for using cisco in this situation. $1000's to change from pots to voip or $10,000's?
-
Priston Member Posts: 999 ■■■■□□□□□□
If you're looking to switch to VoIP look into ShoreTel.
-
Hondabuff Member Posts: 667 ■■■□□□□□□□
I would install a Cisco UC540 and a managed 3750 48 port POE switch and call it a day. It will do your Routing/Switching, set your VLANs/Firewall/Site to Site VPN/SSL, IPsec VPN for remote workers and add VOIP to the business. They are cake to set up and you can add the company logo to the phones and look like a hero. UC540, 3750 POE, 10 7945 Phones, switch your backups to Iron Mt. Can probably do it all for under $5k. Probably have money left over to install some WAPs too.
“The problem with quotes on the Internet is that you can’t always be sure of their authenticity.” ~Abraham Lincoln
-
techfiend Member Posts: 1,481 ■■■■□□□□□□
The cisco UC540 and a managed switch probably would be perfect (in my mind) but that price tag would be sticker shock for the owner. Is ShoreTel much cheaper?
I have no idea what POTS and VOIP service costs, are they about the same?
-
Hondabuff Member Posts: 667 ■■■□□□□□□□
The cisco UC540 and a managed switch probably would be perfect (in my mind) but that price tag would be sticker shock for the owner. Is ShoreTel much cheaper?
I have no idea what POTS and VOIP service costs, are they about the same?
I did an install for an Animal Hospital and got a UC520, WAP4410, 2 7945's, 3 7942's for around $900. Took about an hour to get it up and running on my bench before I installed it. UC540 are going end of life here at the end of the month so you can probably get one pretty cheap. By far the most fun Cisco product I ever used. Might get one for the house with one of the mini 8 port 3560 switches. :D
-
gorebrush Member Posts: 2,743 ■■■■■■■□□□
^^^ - /Drool.
This is one of my projects long term is to get a few Cisco phones wired up about the place.