The way that people with interesting, uh, agendas toss around the phrase "best practices" as relates to law enforcement is pretty interesting. I see it again and again and again in relation to cops and schools. "We must do [fascist thing X] because [X] is widely regarded as Best Practices." It often boils down to some vendor selling something and publishing scientifically questionable outright bogus "whitepapers" about how their snake oil saves lives and such.
What it comes down to in practice is that when someone says "Best Practices" in a context like that what they really mean is "The Largest Amount of Money We Are Currently Prepared to Spend in a Corrupt Fashion While Trampling the Civil Liberties of Some Folks Our Patrons Don't Like".
Conveniently, it is only my money they are considering spending (while taking their giant steaming shit on civil liberties).
1) What are your PF rules?
2) It seems a T1 is pretty archaic & over-expensive technology at this point. Towerstream (in boston) gives us great connectivity 8Mb/s symmetric for $800 which is 1/2 of what we were paying for a t1, and Comcast business seems even cheaper & better (but not available in our commercial district)
looks like a cisco 2600 router. why have that and a pc as a router? shoot, mine does routing, firewall, dns, dhcp.
duh...never mind .."replicate PF rules" is the answer. I suppose I can help with that.
The pc has 3 Ethernet ports on it (office, public, uplink). I haven't checked, but past experience suggests that making the cisco have those extra ports would cost 10x as much as a pc.
Also my experience dealing with cisco configuration has been... less than pleasant.
You might be able to manage to get an ethernet card for a 2600 cheap,but that won't help configuring the thing.
Oh man, an RDL ST-CL2 as a compressor/limiter?
Whatever that thing is feeding should be renamed The Suck and Pump 3000.
It's only used on the rare occasions when the lounge coffin is the source of the webcast audio. For the main room, Soundweb does volume normalization on the webcast feed.
I would suggest my own preferred router/firewall vendor (Juniper), but they don't make anything small that takes a T1 directly, only via serial (If that's how you plug in to the Cisco I'd suggest any of the SRX2X0 models as great devices, JunOS makes a hell of a lot more sense to run then IOS, but it does require learning it).
The Juniper devices really are great and JunOS is lot of fun to learn. I'm pretty sure I've seen T1/E1 modules for them though. I'm currently monkeying around learning Mikrotik which is very powerful for the $$.
In the Bay Area I would get one of the SRX series and the DOCSIS 3 card and go with Comcast business 100Mb service. Cheap, effective and reliable. Or perhaps Metro ethernet from Cogent; there's also RF service from Webpass or Wiline or Monkeybrains.