Well, I'll throw my .02 in this discussion.=20=20=20
This is one of the few times I'll go ahead and say something like this.=20=
=20
For anything more sophisticated than a dumb linksys can handle (and the
vlan requirement tells me that this falls into that category), well,
Cisco owns the world' *shrug*. end of story.=20=20
I have not, on balance been displeased with their switches (we have a
number of 3550's and some other ones. Be aware tho that cisco loves to
dollar and ten you to death. No question that they are in it for the
money.=20=20
Plus, there's plenty of cisco expertise floating around.=20
Of course, as always, there may be specific technical requirements or
other requirements that indicate something other than cisco.
Firewalls are a different story. I'm a bit more suspicious of the
PIX'es. I come from the school of "if it ain't open, it ain't secure".=20
When I have a choice, I use openbsd. None of my stuff is high enough
traffic that that'll matter.=20=20
On the other hand, most of the managerial technopeasantry is more
comfortable with the 'warm and fuzzy' that comes with the "cisco" name.
As far as VLANs go, they're useful, but it's easy to go overboard on
them (I did <g>). And I'm not sure I'd do a DMZ or a red zone on the
same box I had safe vlans on. The literature has howtos on how to sniff
the packets (particularly if the bad guys can get on a trunk). Plus I'm
more 'warm and phuzzy' with physical separation. YMMV, of course.
In any case, let us know what you decide, and why.
--=20
AFABCO
afabco.com
--=20
http://www.fastmail.fm - Same, same, but different=85
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Sat Aug 27 12:22:14 2005
This archive was generated by hypermail 2.1.8 : Sat Aug 27 2005 - 12:22:15 AKDT