The network manager has told you that the network may need a new router. Now it's your turn. As the channel partner, what do you recommend? Assuming your customer already has a functional network, there are many reasons why you may want to recommend a new router. Obviously, scalability is one reason. The customer may have run out of Ethernet ports on their current router. The router may be near the end of its shelf life (perhaps it has been serviced too frequently and is off warranty and/or support), and you know it's time for a newer model. Or the customer may have a new requirement to support a different protocol than they have been using -- such as RIP2, BGP, IGMP, HSRP, IGRP or OSPF -- and perhaps their existing router does not support this protocol. Be very careful to check this out, as you don't want to be accused of buying unnecessary equipment to pad your account manager's wallet.
The customer may want to implement VLANs into their network or work with spanning tree. They may also have a new requirement to provide better failover and redundancy than their existing router provides. Perhaps they want an integrated router/VPN, without having to rely on a firewall. There are pros and cons of doing it this way, but clearly if there are budget constraints, an integrated packet filtering router that also provides VPN services for remote client connectivity may help them. Your responsibility is to define the pros and cons, and let the customer make the actual decision.
Wireless is another area to consider. Many routers, particularly home-based products, offer integrated routers based on wireless solutions, though I personally recommend a separate access point for the business when doing wireless -- one which is optimized for security. Though it clearly works well for home use (and I use one myself at home), I would certainly not purchase a Linksys router/switch/wireless access point for a business.
Support: Some things to consider
When upgrading the customer to a new router, you must understand the level of support available from the vendor, unless your company is fully staffed to provide that support. If you try to go with a low-priced router, its vendor may not have the technical staff to help you deal with potential problems. One must also consider the platforms that WAN engineers typically use, as it will be easier to support the environment with industry-standard products that are fully utilized by the majority of companies, small and large.
For both the enterprise and SMB, it is important to choose a manufacturer that cares enough about their products to educate the engineers responsible for deploying their products (and not just box pushers). For example, Cisco network engineers typically pursue a CCNA or (if they are really amazing) CCIE certification, which showcases their skill sets to employers and customers. Nortel offers an NCA at their highest level, which represents a highly advanced level of technical design and analytical expertise for complex Nortel Networks solutions, also widely acknowledged throughout the industry and regarded as a symbol of excellence. Nortel has the greatest telephony experience, and having grown up in that world, I seriously recommend using their infrastructure if your customer is looking for strong VoIP integration. 3Com also offers certification in their technologies. Their router cert is the 3Com Certified WAN Specialist, which demonstrates skills in designing and implementing 3Com WAN solutions, and working with 3Com routers and protocols including OSPF and BGP4.
Product lines: What to expect
Let's look at what a few of the major router vendors offer from their product lines. For SMBs, Cisco has the 1800 Series, which provides WLAN capabilities along with advanced security services and management features such as hardware encryption acceleration, IPsec VPN (AES, 3DES, DES), firewall protection, inline intrusion prevention, Network Admission Control and URL filtering support to allow their smaller customers to implement resilient, scalable solutions. In addition to their SMB routers, Cisco also offers enterprise-grade models, including the 7600 series, their high-end model which offers integrated, high-density Ethernet switching, carrier-class IP/MPLS routing and 10-Gbps interfaces.
Cisco's proprietary product, Network Admission Control (NAC), analyzes PCs that attempt to connect to the network, checking for the presence and status of antivirus and personal firewall software, and reporting on the configuration of the machine. Cisco recently announced that NAC will be interoperable with Microsoft's Network Access Protection (NAP). NAP is an extensible standards-based technology that allows users to more securely access their corporate networks and reduce the complexity of network access for IT administrators.
Nortel has also teamed up with Microsoft to support NAP, as well as other industry-leading security companies to develop industry standards, network designs and products intended to secure critical information by protecting the communications infrastructure as well as user computing devices like desktop and laptop computers. These partnerships are important, because despite the fact that many WAN folks hate Microsoft, those people will still need to deal with Microsoft on the PC client side.
Regarding Nortel's product line, I'm impressed with the Nortel Multiprotocol Router 5430, which is being marketed to remote offices that have outgrown smaller branch office routers. It can support concurrent, compute-intensive applications such as IP Quality of Service, IP multicast, compression and VPNs. It also has support for multiple WAN technologies -- including ATM T1/E1 and T3/E3, frame relay, PPP and ISDN.
3Com also has a strong product line. I am particularly impressed with their 6000 series model, as it has every feature you can possibly think of, including fault tolerance and advanced traffic management and control features. I have deployed 3Com-only switch and routing infrastructures with great success.
In conclusion, I'll reiterate that when looking to recommend new routers for your customer's network, consider VPN capability, multi-protocol support, integration with other networks, security enhancements (e.g., 3DES encryption) and strong vendor support. Though I would not hesitate to price out alternate solutions, I prefer industry-standard products for the enterprise.
About the author:
Ken Milberg is the founder of Unix-Linux Solutions. He is also a board member of Unigroup of NY, the oldest Unix users group in NYC. Ken regularly answers user questions on Unix and Linux interoperability issues as a site expert on SearchOpenSource.com.
This tip originally appeared on SearchNetworking.com.