[WBEL-users] Layer 3 - Managed Switch Advice pls...

[Andrew Vong]

Dear Systems & Network Gurus,

This question is related to networking so it's not entirely Linux-related 
but my final solution (i.e. inclusive of servers) will be runnning Linux. I 
hope to hear from anyone out there who have had experience with the 
equipment listed below and if possible help provide me with some feedback. 
Thanks. :)

I am looking into purchasing a Layer 3 Managed Switch. I am implmenting 
this for a fairly small company with about 60 - 70 nodes (PCs + Servers). I 
am planning on using the Layer 3 Managed Switch as the core switch with 
about 10 VLANs.

Requirements
--------------------
- 1 VLAN for the servers
- Separate VLANs for different workgroups
- Workgroup VLANs are not allowed to communicate with each other - so, no 
routing between them.
- All Workgroup VLANs are ONLY allowed TCP 80, 110, 22, 25, maybe a few 
others (depending on which workgroup VLAN) traffic to the Server VLAN.
- Port mirroring (i.e. like Cisco's SPAN port) of all VLANs into a single 
port so I can stick an IDS to monitor internal traffic.

Question
-------------
1) Is such a setup possible with Layer 3 Managed Switches (i.e. I would 
like to limit the type of traffic allowed between VLANs) ?
2) For my IDS to monitor all 10 VLANs' traffic, do I need a special NIC to 
do it? Or will the standard Fast Ethernet NIC that comes with a server suffice?


Layer 3 Managed Switches
---------------------------------------

Here are the switches I am thinking of going for. I don't think we can 
afford the Cisco one but I'm putting it in anyway to give an idea of what 
I'm looking for but with a more affordable price tag:-

1) Cisco - Catalyst 3560 24-port 10/100 (Model no. - WS-C3560-24TS-E)
2) 3Com - SuperStack 3 (Model no. - 3326 or 3350)
3) SMC - TigerSwitch 6724L3 (Model no. - SMC6724L3)
4) Dell - PowerConnect (Model no. - 5324 or 3448)


I would appreciate any feedback.

Thanks in advance.

Best Regards,
Andrew