@scottalanmiller

Did you ever solve this problem? Just wondering what you solution was if you did.

@Dashrender said in Netgear Insight Managed Switches:

@pmoncho said in Netgear Insight Managed Switches:

@Dashrender said in Netgear Insight Managed Switches:

For $100, yeah I'd just do it. Otherwise you're looking at 2-4 (or so) 1 Gb/s teamed connections....

Exactly. I was thinking something similar also.

I don't need HA but am looking for a little more speed and more simple setup going forward. One cable vs 2-3 (tiny, tiny part of larger plan), consolidating hosts (soon), creating midday backup plan without penalizing daily workers, plus other changes I am contemplating for the future.

I do want to put the available budget to the best use to get the best value, plus a small morsel for the future too.

yeah, really it does come down to more than just this single port for this server -

Do you need two connections in case one fails? Do you need two switches in the backplane in case one fails? How many other SPF+ ports do you need?

We don't know how many ports you need where.

I try to keep things simple but not any simpler as the phrase goes.

We are an SMB with about 30 users and about 25 external clients that use our servers.
I don't have a need for multiple connections to multiple switches. I do have two separate racks though.

One two post rack that holds Patch Panels for PC's and phones, Switches for phones (on a separate network), switch for pc's/printers and main router.

Second rack has all servers (4 total), two NAS's (old and new), SSL-VPN, switch for servers (currently connected via SPF+ to pc/printer switch)

I was thinking, three SPF+ for three vMware Hosts (one is backup server) and one SPF+ over to 2nd switch for PC's and Printers.

I don't NEED SPF+ just like I don't NEED SSD's in the new server (purchasing soon) but if the extra cost is small why not spend it and be done while also keeping things a little more simple.
Extra $150 for 10Gb simplifies two or three 1Gb connection. Extra $200 for two SSD's in RAID 1 vs 6 10K SAS in RAID 10.

We keep our equipment around a long time, especially servers (7 years with Dell's warranty). This, IMHO, helps me get the value out of the extra money spent.

@marcinozga said in Netgear Insight Managed Switches:

@pmoncho said in Netgear Insight Managed Switches:

@marcinozga said in Netgear Insight Managed Switches:

Gen 2 Unifi switches have SFP+, Edgeswitch Lite have SFP+ too, and Edgeswitch 16 XG has 12 SFP+ ports.

I missed the Gen 2 Unifi as I was only looking at the Edgeswitch line - I will look into those

Edgeswitch only has SFP+ on 48 Port switches. 24 port switches only have SFP unless I missed something.

At this time I don't have a specific need for that many. Although, I could figure out how to use them

If you want 24 port, then I think only Unifi Gen 2 has SFP+ https://switch.ui.com/gen2/
They do have just SFP+ switches, with 12 SFP+, both Edgemax and Unifi.

Reviewed these. Just noticed that all Gen 2's are POE. Not that big of a deal but I don't need POE.

@WrCombs said in how does this work? Modems/IPs/PCI Scans:

@pmoncho said in how does this work? Modems/IPs/PCI Scans:

@WrCombs said in how does this work? Modems/IPs/PCI Scans:

@WrCombs said in how does this work? Modems/IPs/PCI Scans:

@pmoncho said in how does this work? Modems/IPs/PCI Scans:

@WrCombs said in how does this work? Modems/IPs/PCI Scans:

Forgive the newbness ; But the way I understand this is: the Modem gives off the public IP - right?
then the devices behind the modem are under that public IP - right?
and then the firewall (router) give the Devices Private IP's.

For example; PCI scans scan the public IP ; not individual device IPs- Right?
so if there are 2 computers in an office; one handles credit cards, is behind a hardware firewall (is as compliant as you can be for this example ) and the other is not behind the hardware firewall (that the other Device is behind) but behind it's own. They scan the Public Ip and get a response from That PC - Right?
fail their test and then blame the other device (because thats the one they want to scan) and we have to some how magically fix it.

If this is wrong, I apologize. this is the way I understand it, and this is the way it's been explained to me.

Configuration of the FW means everything in this situation.

Very simple setup with only a single IP assigned from ISP.

Internet -> ISP modem -> Your Firewall (Your first assigned Public IP address they give you) -> Internal devices (LAN IP address).

In this situation, typically you will have many devices behind a single FW/Router and they will use a NAT mode called 1-to-many. To the world all devices will have your FW Public IP if you google "Whats my IP"

If this is your situation, without any other configuration, when PCI scans your Public IP it will hit your FW, not an internal device, computer one or two.

The configuration can go a bunch of different ways from the above and without knowing that, it is hard to tell you when or if (in your question) computer 2 will be scanned by PCI.

So the question is, does your FW/Router setup to do any other form of Network Address Translation (NAT) or Port Address Translation (PAT) or both?

If they want to scan your computer 2, your FW (if there is one) in front of computer 2 needs to be configured properly.

I have no way to check that;
I will keep that in mind.

in this situation, the 2nd PC (computer 2) is not behind any firewall, but a ISP provided modem and store bought router, not used for credit cards, but using the same modem.

side note I know that this is bad practice ; absolutely ridiculous that both of them are on the same network and one is not using the firewall; I understand this. My boss said this is how we do things, Because we protect our PC (for credit cards) even though I know it's wrong, It is what my boss said..

That's fine. They just have the networks separated (I was a little confused but understand a little more now).

Are one of these Firewalls or Routers wireless?
Is there wireless on the ISP modem?
If neither of the above, does the ISP modem have two separate cables going from WAN to LAN?

All of this is fine and will dictate how and external device (PCI scanner) gets correctly routed to the 1st and 2nd PC's as it seems like they are on separate networks.

i think one of them in wireless, and from my understanding they're are 2 cables from ISP Modem.

Wireless would explain it then (best guess here). The 2 cables may be one in and one out (WAN side and LAN side).

Are both of the PC's on the same network (e.g. 192.168.1.x/24)? (should have asked this first)

@WrCombs said in how does this work? Modems/IPs/PCI Scans:

@WrCombs said in how does this work? Modems/IPs/PCI Scans:

@pmoncho said in how does this work? Modems/IPs/PCI Scans:

@WrCombs said in how does this work? Modems/IPs/PCI Scans:

Forgive the newbness ; But the way I understand this is: the Modem gives off the public IP - right?
then the devices behind the modem are under that public IP - right?
and then the firewall (router) give the Devices Private IP's.

For example; PCI scans scan the public IP ; not individual device IPs- Right?
so if there are 2 computers in an office; one handles credit cards, is behind a hardware firewall (is as compliant as you can be for this example ) and the other is not behind the hardware firewall (that the other Device is behind) but behind it's own. They scan the Public Ip and get a response from That PC - Right?
fail their test and then blame the other device (because thats the one they want to scan) and we have to some how magically fix it.

If this is wrong, I apologize. this is the way I understand it, and this is the way it's been explained to me.

Configuration of the FW means everything in this situation.

Very simple setup with only a single IP assigned from ISP.

Internet -> ISP modem -> Your Firewall (Your first assigned Public IP address they give you) -> Internal devices (LAN IP address).

In this situation, typically you will have many devices behind a single FW/Router and they will use a NAT mode called 1-to-many. To the world all devices will have your FW Public IP if you google "Whats my IP"

If this is your situation, without any other configuration, when PCI scans your Public IP it will hit your FW, not an internal device, computer one or two.

The configuration can go a bunch of different ways from the above and without knowing that, it is hard to tell you when or if (in your question) computer 2 will be scanned by PCI.

So the question is, does your FW/Router setup to do any other form of Network Address Translation (NAT) or Port Address Translation (PAT) or both?

If they want to scan your computer 2, your FW (if there is one) in front of computer 2 needs to be configured properly.

I have no way to check that;
I will keep that in mind.

in this situation, the 2nd PC (computer 2) is not behind any firewall, but a ISP provided modem and store bought router, not used for credit cards, but using the same modem.

side note I know that this is bad practice ; absolutely ridiculous that both of them are on the same network and one is not using the firewall; I understand this. My boss said this is how we do things, Because we protect our PC (for credit cards) even though I know it's wrong, It is what my boss said..

That's fine. They just have the networks separated (I was a little confused but understand a little more now).

Are one of these Firewalls or Routers wireless?
Is there wireless on the ISP modem?
If neither of the above, does the ISP modem have two separate cables going from WAN to LAN?

All of this is fine and will dictate how and external device (PCI scanner) gets correctly routed to the 1st and 2nd PC's as it seems like they are on separate networks.

@WrCombs said in how does this work? Modems/IPs/PCI Scans:

Forgive the newbness ; But the way I understand this is: the Modem gives off the public IP - right?
then the devices behind the modem are under that public IP - right?
and then the firewall (router) give the Devices Private IP's.

For example; PCI scans scan the public IP ; not individual device IPs- Right?
so if there are 2 computers in an office; one handles credit cards, is behind a hardware firewall (is as compliant as you can be for this example ) and the other is not behind the hardware firewall (that the other Device is behind) but behind it's own. They scan the Public Ip and get a response from That PC - Right?
fail their test and then blame the other device (because thats the one they want to scan) and we have to some how magically fix it.

If this is wrong, I apologize. this is the way I understand it, and this is the way it's been explained to me.

Configuration of the FW means everything in this situation.

Very simple setup with only a single IP assigned from ISP.

Internet -> ISP modem -> Your Firewall (Your first assigned Public IP address they give you) -> Internal devices (LAN IP address).

In this situation, typically you will have many devices behind a single FW/Router and they will use a NAT mode called 1-to-many. To the world all devices will have your FW Public IP if you google "Whats my IP"

If this is your situation, without any other configuration, when PCI scans your Public IP it will hit your FW, not an internal device, computer one or two.

The configuration can go a bunch of different ways from the above and without knowing that, it is hard to tell you when or if (in your question) computer 2 will be scanned by PCI.

So the question is, does your FW/Router setup to do any other form of Network Address Translation (NAT) or Port Address Translation (PAT) or both?

If they want to scan your computer 2, your FW (if there is one) in front of computer 2 needs to be configured properly.

@Dashrender said in Netgear Insight Managed Switches:

For $100, yeah I'd just do it. Otherwise you're looking at 2-4 (or so) 1 Gb/s teamed connections....

Exactly. I was thinking something similar also.

I don't need HA but am looking for a little more speed and more simple setup going forward. One cable vs 2-3 (tiny, tiny part of larger plan), consolidating hosts (soon), creating midday backup plan without penalizing daily workers, plus other changes I am contemplating for the future.

I do want to put the available budget to the best use to get the best value, plus a small morsel for the future too.

@brandon220 said in Netgear Insight Managed Switches:

At one of my clients we installed SFP+ cards in a group of Hyper-V hosts a few years ago. It was worth the extra cost IMO.

Stop tempting me!

@wrx7m said in Netgear Insight Managed Switches:

@pmoncho said in Netgear Insight Managed Switches:

I only have a three switches total so stacking is not that important to me

It isn't just for management. In most cases, a stacking style will have much greater throughput between switches.

You bring up a good point. I will look into that. I haven't stacked switches since I went from a two 16's to one 48 port swtich (PC's and Printers).

Q. I've seen the phrase "Virtual Stacking." What the heck is that? Or what situation would that cover. Would this be relevant to me if as my two switches will not be located in the same rack but about 6' apart?

@wrx7m said in Netgear Insight Managed Switches:

@pmoncho I am guessing that none of those have a dedicated stacking interface?

I don't know, I will check into that. I only have a three switches total so stacking is not that important to me.

As for the Netgear Insight managed devices, they do all pop up in the Insight app (cloud or mobile app), kinda like Unifi controller for Unifi devices.