Why thanks! I only have a CCNA now because I had to get it for our partner level, and I'm supposed to get much more. And I only have it on my sig because I use the same sig for work and work-related lists.
You are correct that we would need more details if it is anything other than what I think it is. If it is just a small service, cookie cutter type deal, then I don't see why they can't use a cookie cutter type solution. Being in healthcare, I envision something like Blue Cross/ Blue Shield payer connections, where I think they use the IBM Advantis network (is that what it was called? Who owns them now, AT&T? Yep, they purchased them in 1999 for $5B) and have routers at each customer site. Why not replace them with a cookie cutter type connection? They already have connections to each customer, likely on a DMZ. The communication is just patient financial information (claims) between one host system at a hospital and a system at BC/BS. AT&T certainly uses a cookie-cutter type connection for all of their connections (wonder if they upgraded all of those thousands of routers for the IOS patch). There may be a one-off here and there, but for the VAST majority of situations it's the same. Same for ISP's. You think they have custom connections for each T1 line they install? Stick a this type router here and a that type router there? No, unless a customer has a special need, like shadow T3's as we do, then you're not going to get special treatment. At least that's my take on it. So as to reduce complexity, administration, maintenance, and increase scalability, security, stability, I'd attempt at all cost to have a standard configuration. Even if it cost a bit more. The 3000 series may not be the answer, because we don't know the true requirements, but whatever the answer is I'd attempt to standardize on it. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, August 11, 2003 10:51 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: VPN Best Hardware to use? [7:73793] LITTLE OT: Fred, I respect you. You are one of the top repliers at the moment, terms of qual and freq. I am learning a lot from you, between work en heavy (i mean heavy) cramming an typing for my coming lab. And I mean it. I get a laugh out of your, Fred, (ccna) and answering ccie level q&a! >>> More than one platform depending on req's MAYBE also deployment costs, EOL (800 806-820's-830's series spinning like crazy, 501 here to stay, vpn hw client okay.) Please stop because we're fishing, we need facts. RYAN, Please give us a list of req's. When you design 10-20 sites you ask for a box. When you design 2000 sites you design a total solution. Management of - config, - change, - security, - availability, - performance and - capacity. I am sure I forgot one. You catch my drift? I am also curious about service offered, need front-end? back-end? DMZ's? etc. Learnt as designer consultant etc that if you make a quicky of business req's you'll pay afterwards, because it is not what customer had hoped for........ Trusted -untrusted client sites. Martijn -----Oorspronkelijk bericht----- Van: Reimer, Fred [mailto:[EMAIL PROTECTED] Verzonden: maandag 11 augustus 2003 16:02 Aan: Jansen, M; [EMAIL PROTECTED] Onderwerp: RE: VPN Best Hardware to use? [7:73793] I would certainly hope that the remotes wouldn't use different platforms. I don't know the business model, but it sounds to me like it's some kind of service offering or something. Maybe they have a 2000 site Frame Relay network used to offer a service or something, and they want to switch to something more economical. Instead of paying monthly circuit fees, pay a one-time hardware cost (assuming they don't own the FR routers at the customer end) and use the customer's Internet connection. Why in the world would you want different hardware at each customer site in that situation? Standardize on one hardware platform, and build the cost of that hardware into the business model... If that's the case then the cost of a 3005 can be justified in a small number of months, depending on your FR cost. Certainly you would recoup your cost and start making more money, due to less operating cost, relatively quickly. Now, if this is something else, like a company with 2000 offices throughout the world, then I can see your point and you may end up with different requirements. But, that's not how it sounds so far. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, August 11, 2003 6:57 AM To: [EMAIL PROTECTED] Subject: RE: VPN Best Hardware to use? [7:73793] Despite all hw issues, you really need to - describe the business req's first - translate to technical req's (you are talking 2000+ sites) And you will see that you'll need more than one platform for de Remotes. Dependig on your hierarchy concerning - messaging - authentication - client-server - webapps - desktop/register maintenance/management - security man You will need to or may want to build an hierarchical design. Keep in mind that differen platfroms use different (HQ) fail-over or 2nd ip techniques. Martijn -----Oorspronkelijk bericht----- Van: Ryan Finnesey [mailto:[EMAIL PROTECTED] Verzonden: zondag 10 augustus 2003 4:36 Aan: [EMAIL PROTECTED] Onderwerp: VPN Best Hardware to use? [7:73793] I need to setup VPNs to about 2000 sites. Each site will have an IDSL line installed that will be used to connect to monitor network devices and servers. Some of the remote networks will be using the same network block. I am looking to know what the best hardware to use on each end is. On my end, would it be better to use a PIX or a 3030? On the remote end, I was looking at a PIX 501, SOHO 91 or the 831? Thank you Ryan **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73883&t=73883 -------------------------------------------------- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html