Hi all.
We are an SME in the technology sector, but we don't have an IT Department. We have an outsourced 1st line Helpdesk - and me. I'm the SysAdmin / Security guy.
Some context:
Our main office has 20 permanent staff and about 40 hot desks - the other 50 permanent staff are in and out of the office / out on the road / at client sites etc.
Our office has a small machine room, the desks have 1GB ports, there is also meshed wifi coverage. My request for advice is based in and around the machine room.
Our firewall provides a core function on-site, acting as a router for the various services (see below) and also the endpoint for the site-2-site VPN to our DC.
- Our local servers (LAN) use 2 x HP 4510s stacked, with a single link to our firewall. (We have another DC which hosts the majority of our 'on-premise' production IT kit).
- The 1GB desk ports at the access layer are all patched to a single 8yr old HP 2650-48 switch and a linked single HP 1800-24, with a single 1GB tail connecting direct to the firewall.
- In addition, we have IP phones connected to a single HP 2610-48 switch, again with a single 1GB tail back to the firewall.
- The WAN also connects directly to the firewall. The wifi APs have a small PoE switch which (you guessed it) connects back to the firewall. Our upstream WAN provider (serving us with a 1GB pipe to the internet) gives us a single downstream 1GB tail - yes - terminating on the firewall.
- OOB management is on an HP 1800-24 using another firewall port.
What I'd like to achieve is the following:
- Replace the old hardware with modern HP equivalent. (We are an HP shop and understand it).
- Provide a degree of resilience at the LAN and firewall levels by having an HA pair of firewalls.
- Provide any performance improvements at potential bottlenecks (the uplinks)?
I'd be very grateful to any experts out there who might have any comments on the above.
Kind regards.