Skip to main content
FortiQ
FortiQ
New Member
April 25, 2018
Question

Vendor says...CORE CORE CORE switch - buy HP....?

  • April 25, 2018
  • 1 reply
  • 7645 views

250 users across 4 locations, Fortigate 300D and various Fortiswitch 248DPOE and FPOE switches.

Network was never VLAN'd properly and was running on old cheap switches in the past.

 

New vendor is saying "core switch is needed" must be HP (they support and heavily push HP)

While they are also a Forti vendor, they say Fortinet has nothing that compares with an Aruba or similar core switch.

 

Would like to utilize current Forti switches (new) and unsure why core switch would be so important.

Have not been provided any performance metrics or network data to suggest issues, aside from knowing it's one broadcast domain (working towards VLANS)

 

Unsure a core switch is needed at this stage...opinions/experiences?

    1 reply

    emnoc
    emnoc
    New Member
    April 26, 2018

    Ask  them  why ? Why do you need a new switch ? What's driving the  suggestion ( qty port or lack of ) , EoL with whatever you have now,  speed and types  ( 1/10/40 gig ), etc...

     

     

    FWIW HP makes outstanding producst, good  reviews, good support, and feature rich . You can't go wrong  buying HP.

     

     

     

    ede_pfau
    SuperUser
    ede_pfau
    SuperUser
    April 26, 2018

    IMHO a full featured 'core' switch is only needed if you need

    - redundancy, that is, stacked switches (similar to a FGT HA cluster)

    - routing protocols (ISIS, BGP, OSPF, ...) which would mostly refer to a WAN switch

    - 10/25/40/50/100G interfaces for fiber lines

     

    If you plan to segment your LAN into VLANs the FGT will do the routing (AFAIK the FS are Layer 2 only) which shouldn't be a problem.

     

    What exactly in your surroundings can a HP switch achieve that a FortiSwitch can not? On the contrary, you can see a FS as an extension to the FGT thereby pushing your security policies right up to the access port. A switch from a different vendor is not integrated into the Security fabric (policies, logging, reporting), cannot be managed from a single pane of glass, and is not a security device. You will need additional training, and use different paths to service and support.

    It sounds to me they distrust the FS. You can judge the reliability and feature set of the FS by your own experience.

    Bruno_Pereira
    Bruno_Pereira
    New Member
    April 26, 2018

    Hello,

     

    I have HPE 5900 in IRF. Working with two 600D fortigate in HA and doing Layer 3. I am satisfied with performance and stability. ps: I have 1700 users.

     

    Terms & ConditionsAccessibility statement