40+ Site Unmanaged WAN

**SueEllen** · 25 February 2017, 21:38

If they want to do it on the cheap and don't realise how important security is, I would run a mile or 100.

**stek** · 25 February 2017, 21:44

ASA 5505 does VLAN's too, good box. We replaced ours with ASA 5506's and found out they didn't do VLANs so we had to do them on the switch...

If you're wanting site-to-site VPN you're going to need security devices are each end anyway, ASA 5505 for example. Cheap enough now but not supported anymore.

**portseven** · 25 February 2017, 22:08

Originally posted by SueEllen View Post

If they want to do it on the cheap and don't realise how important security is, I would run a mile or 100.

Have given her a quick lesson in how to give risks a cost, given the sort of data moving round this network, it should be a no-brainer to do this right.

**davetza** · 26 February 2017, 14:37

Try looking at Meraki (they are Cisco owned) or the cheaper and without the yearly license cost Ubiquiti.

**SimonMac** · 27 February 2017, 09:16

Originally posted by davetza View Post

Try looking at Meraki (they are Cisco owned) or the cheaper and without the yearly license cost Ubiquiti.

+1 For Meraki

Depending on how big each of the sites are there should be a suitable option for all, not cheap but they will have to realise if they want it done right it will cost them

**sal** · 27 February 2017, 09:46

Originally posted by portseven View Post

Helping a friend of mine out who is working for an SME
~snip~
They have no IT staff at all, but now realise they need to take care of it a bit more.
~snip~

So you friend is not IT or was she hired as the first IT to sort this out?

If she doesn't have significant knowledge of networking, better not to get involved or she might be used as a scapegoat if (more like when) something goes wrong.

If they went along without any proper network security so far and a re stingy/stupid enough to have no IT staff with 40+ sites and no network security. Cisco is an overkill for them, there are alternatives like Ubiquiti that can achieve the same results for a fraction of the cost.

**MrMarkyMark** · 27 February 2017, 09:51

Originally posted by sal View Post

So you friend is not IT or was she hired as the first IT to sort this out?

If she doesn't have significant knowledge of networking, better not to get involved or she might be used as a scapegoat if (more like when) something goes wrong.

If they went along without any proper network security so far and a re stingy/stupid enough to have no IT staff with 40+ sites and no network security. Cisco is an overkill for them, there are alternatives like Ubiquiti that can achieve the same results for a fraction of the cost.

The alternative is for the OP to PM Suity.

He specialises in such matters

**portseven** · 27 February 2017, 10:36

Originally posted by sal View Post

So you friend is not IT or was she hired as the first IT to sort this out?

She was hired as head of marketing!!! Getting involved due to previous job having 'IT' in the title

The Meraki stuff looks interesting, they just need some segments in place with some ACL's plus some central VPN

**sal** · 27 February 2017, 11:04

Originally posted by portseven View Post

She was hired as head of marketing!!! Getting involved due to previous job having 'IT' in the title

The Meraki stuff looks interesting, they just need some segments in place with some ACL's plus some central VPN

Tell her to stay away if she can. Otherwise she will be saddled with managing/supporting this forever and i kinda doubt it will be reflected in her pay.

Taking additional responsibilities in the area you were hired to build up your career is one thing, getting saddled with random unrelated crap, just because you have done something remotely similar in the past is entirely different.

Unless of course she is happy/looking forward to do it and prefers IT to Marketing.

40+ Site Unmanaged WAN