Storage

Holiday shopping for network interfaces and security zones

Adding connectivity is a result of many factors including price, performance and security. IT Pro Rick Vanover shares a recent experience in selecting additional connectivity.

It is the holiday season, right? This is usually the time of year that I bolster up my lab environment. This year, I'm doing a fairly significant rework of my networking for my private lab. I've finally taken the advice of security expert Edward Haletky and stopped relying on Layer-2 for all my security in my private lab.

Basically, I need separate media for every security zone in my private lab. Sure, I can stack all these networking roles on one media. But after listening to each of Edward's security roundtable podcasts, I need to reconsider the media and connectivity in use. I brought this up previously in a blog post on security zones this year. Now that I have introduced a permanent piece of iSCSI storage with my recent DroboPro purchase, I have an additional security zone with network-based storage that will be here to stay.

When I went to decide what to purchase for the additional connectivity for the private lab, I quickly determined that I had an option to be cheap or do it right. When it comes to purchasing additional network connectivity, the cornerstone decision becomes the bus that the accessory cards use. My requirement is to increase each server by two physical networks. For my server environment, I can support PCI-Express interfaces (up to 4x).

For one of the server models I have, that gave me a choice of a single accessory card with one interface at 1x on a PCI-Express interface or a dual-port controller that is a 4x PCI-Express. The 1x interface on a per-port cost was significantly cheaper (around 60% less) than the 4x interface per-port. I decided to spend the extra money and get the 4x dual-port interface, primarily because the dedicated iSCSI interface will welcome any performance it can consume.

Reconfiguring security zones and adding the required connectivity is a practice we can do, not just in private labs but in any networked environment. Adding the performance to the interfaces also will architect the solution in the best way possible.

How do you architect the connectivity in your own private lab? Share your comments below.

About

Rick Vanover is a software strategy specialist for Veeam Software, based in Columbus, Ohio. Rick has years of IT experience and focuses on virtualization, Windows-based server administration, and system hardware.

Editor's Picks