CougTek
Hairy Aussie
In case anyone looks for it, I've realized that I did a mistake in the name of the Supermicro switch. It's the SSE-X3348TR, not the SSE-3348SR like I wrote many times above.
I wish I could convey how much better it has been since the equipment that I've worked on and managed had switched over to a fully virtualized environment. We rarely deploy a non virtualized machine these days. There hasn't been a compelling reason to use a bare metal setup in a long time. All of the products I test and work on are now all virtual appliances. This is what our customers are also buying.
I hope that you can convince your management to eventually go down this path some day. It will make your life easier.
I hope you one day get the chance to experience the IBM V7000. It is magical in its ability to do for storage resources what hypervisors have done for server resources. It is dreamy.
I've found this document regarding clustered firewalls. It only covers the topic on surface, but it's a good start, I think, to get a general idea about the concept.
Regarding the guidance of our insurance company, with the cluster-fuck we currently have, I don't believe I can do worse.
Are all your customer facing services hosted off-site?
The minimum ip block size required to get your own ARIN numbers (/20) may be a strong barrier to keep you from hosting your own data.