New star-up..needs help with switches to use?

[shonet]

hello and thank you for looking.

i need to set up a network and have no clue what i need. i have fiber internet with multi static ip's.#1 1p is for the company goes to a router for our internet needs. #2 web server. #3-#? needs to be routed to customer servers.one ip per server. each server will have web and secure ftp. all servers will run open suse apache and oracle database services.

any help will be nice.

 

[pansophic]

Your ideal configuration would be to connect your router to a hardware firewall with one or more DMZ networks to support the Internet accessible machines and a protected network for your internal LAN (assuming that your customer service servers actually need to be Internet accessible).

Since you are obviously a Linux shop, IPCop or ShoreWall are two free Linux-based firewalls, so you just need a computer with 2 or more NICs (recommend at least 3).

You'll need to configure all of the static addresses on the firewall's external interface and statically NAT them to the DMZ machine(s). You'll also want to enable port forwarding for the ports that are required for your application.

I would suggest enabling the Intrusion Detection (Snort) on the firewall so that you can see when you are being hacked, and maybe even get an automated alert when it happens.


pansophic