I recently scored a gig designing a small LAN, and would love for my fellow firewall.cx brothers and sisters to take a look at my design and critique it for me. Let us start by taking a look at the current network.
- 15 users (owner wants capabilities to expand to 50 with new network config)
- Their operational and accounting software is accessed through terminal server and the terminal server uses the MS SQL server to get data.
- They host their mail/web services on a Linux machine.
- Currently they use a T1 connection
- They have 5 servers
1) UNIX storage
2) Linux LAMP Server
3) Windows Terminal Server
4) Windows Active Directory Server
5) Windows SQL Server
-Routers & Switches-
- Currently using 1 Linksys 24-port gigabit switch; the owner has purchased the following equipment:
1) Cisco 3725 router with the 2FE board and a NM 1GE fiber card.
2) Cisco Catalyst 5505 Switch with the SUP III engine and WS-X5410 card (9 port GE GBIC) also 2 WS-X5224 (24 port 10/100 Ethernet)
My main and obvious goal is to get a solid firewall and spam filter in place. I will be using a Unix distro called pfSense. pfSense supports VLAN tagging and will route my traffic between my DMZ and my LAN.
Here is a logical view of my design; the different colors represent the separate VLANs I will create.
Please let me know what you think, also if you need any more info about the network.
Thank you all very much