|1. They have A windows Server 2008 R2 server with 2 onboard NICs. They have a single switch connected. One NIC has the main IP and gateway and is what internet traffic is NAT-ed to. The 2nd NIC has the same gateway and an IP in that subnet and is for other traffic. I know from experience they should not both have gateways even if in same subnet.|
2. The same server is connected to a layer 2 switch with no VLANs set up. Connected to that switch is an iSCSI SAN that serves up storage to the server over the 2nd IP. I am failing to explain to them why it is valuable for security and performance reasons why they should either use VLANs or get a separate switch for the iSCSI traffic. They do need to be able to replicate that SAN storage over the WAN so it can't be completely isolated. They are basically using a flat network and the server is getting hosed.
3. Lastly, Every SAN vendor I've ever worked with has recommended purchasing separate iSCSI HBA cards instead of using the onboard NICs that come with most servers today (ours come with 4 onboard). Again I can't figure out how to explain to them that the HBAs take load off the server's CPU and motherboard.