I haven't used the Netgear before. But a little more information first. How are you getting your network connection? Is it a business DSL / cable modem, a fractional T1 or full T1? Basically, how is the office connected to the net?
Second, what is the Internet connection used for? When the network goes down, does it just cause problems with people doing non-work things (email, checking the weather, etc.) or does it actually prevent customers from reaching you?
First thing I'd do would be get some kind of logging and metrics showing traffic and the possibility of lost revenue because the network is down. Point out that almost everything on the market today has a web page associated with it, used as a cheaper form of advertising than buying a commercial on TV.
Maybe not best practice, nor the best way to do it, but here is something I did in the past that might work for you.
I once supported a remote office in Ohio. Small college town, but the plant was too far from town to get any kind of real service. The best we were able to do was an overpriced and slow ADSL connection. It had to support the computer network, VPNing in to our network with a client connection, the VoIP system, and their non-work related traffic that didn't go over the VPN. The network was the DSL endpoint, with a built-in firewall and then our PIX firewall.
The person that set it up could get client connections (PIX to our ASA) with VPN, but not a site (PIX) to site (ASA). Problem turned out to be the port forwarding on the DSL device (I found it after he left).
Anyway, about 2 years after it was set up, our business partner (company B) made a deal with a third company (company X) to be on site at that location.
I ended up splitting the DSL connection off the modem, 1 line going to our PIX, the other line going to a BEFSR41. I had to set up some NATing in both the DSL device and the Linksys to make everything work. But it worked pretty well. I used the DSL as a firewall, and the firewall option on the router. Defense in layers.
So that was basically a long way of saying, check how the connection terminates to you (if DSL or cable, it might have a firewall built in; take advantage of that as a first layer). Then make other configuration changes to the Linksys behind it. I've found that when I had a Linksys router (Comcast at home, no firewall on the Comcast cable modem) it would freeze up at times due to being overwhelmed with traffic (usually port scans to my external static IP address).
Don't trust the switch in the Linksys; put a workgroup switch behind it (I did that for company X). That way the internal network can at least stay up.
Getting the wireless or the VPN option wouldn't be worth it, if you're not going to use it. And having it will cause management to want to start pushing to use those features. Just a waste of money basically. I do like the idea of having a syslog server for centralized logging though.
If you don't mind using used, outdated equipment, you can get a decent Cisco router and Cisco 24-port switch used off eBay for less than what either device you're looking at getting would sell for. That's how I built my last CCNA lab, 3 Cisco 2900 switches, and 3 Cisco 2500 routers. Can't do VLANs, but might work for what you need.
Last edited by rattis on Wed Apr 28, 2010 10:27 pm, edited 1 time in total.