<html><head></head><body bgcolor="#FFFFFF"><div><p style="margin-top: 0px; margin-bottom: 0px; ">Thank for you technical advice,<br></p><p style="margin-top: 0px; margin-bottom: 0px; ">The three vendors needs to drop a line each.. at the HQ.. the WAN in not a private network.<br></p><p style="margin-top: 0px; margin-bottom: 0px; ">The question here is can we use cyberoam utm to act as a router where the three vendors, we and all the 340 branches can interconnect.<br></p><p style="margin-top: 0px; margin-bottom: 0px; ">Thanks</p><br>Warm regards,<div>Odiachi I.</div></div><div><br>On 17 Apr 2014, at 14:16, Phil Regnauld <<a href="mailto:regnauld@nsrc.org">regnauld@nsrc.org</a>> wrote:<br><br></div><div></div><blockquote type="cite"><div><span>Ikemefuna Odiachi. (i.odiachi) writes:</span><br><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>Requirement:</span><br></blockquote><blockquote type="cite"><span>All 3 Vendors will drop 1x E1 modem and 1x router as CPE at the HQ DC</span><br></blockquote><blockquote type="cite"><span>I need to integrate the 3 WAN links so that the entire WAN is centrally managed/provisioned from a single core network device</span><br></blockquote><span></span><br><span> Hi Odiachi,</span><br><span></span><br><span> You mean: each vendor will terminate a link to your premises, to aggregate</span><br><span> their "share" of the 340 locations ? Or will they each bring a router ?</span><br><span></span><br><span> How will each of the 340 locations be presented to you ? VLAN ? other ?</span><br><span> Or will you have to point statics down to each vendor's WAN aggregation</span><br><span> point ? Or will you see each of the IP of the remote location's router ?</span><br><span> (will this be L3, or L2, basically).</span><br><span></span><br><blockquote type="cite"><span>My asks:</span><br></blockquote><blockquote type="cite"><span>1. Which network device would you recommend to do this (aggregation router, multi-layer switch)?</span><br></blockquote><span></span><br><span> How much inter-site trafic do you expect ? Or will it all be mostly to</span><br><span> and from Internet and core services/servers ?</span><br><span></span><br><span> Cisco ASR comes to mind, or even a beefy Linux/UNIX box, depending on</span><br><span> the throughput.</span><br><span></span><br><blockquote type="cite"><span>2. If this is unavailable, do you agree that we can use a Cyberoam UTM (CR2500iNG-XP) to perform this aggregation? (We are looking to do this with a default route set up from each of the 3 WAN routers to the Cyberoam)</span><br></blockquote><span></span><br><span> I would definitely leave the security part upstream, and not mix those two</span><br><span> layers. To be honest, I don't know the Cyberoam, but I would keep routing</span><br><span> and firewall separate, to make things easier to debug. There may be</span><br><span> restrictions in throughput via licensing or simply filtering/inspection</span><br><span> performance.</span><br><span></span><br><span> Cheers,</span><br><span> Phil</span><br></div></blockquote></body></html>