Thanks Philips,

Say if its L2 MPLS, do i need Firewall at each site, if i am not behind SP firewall ?

Only if they are Internet circuits.  Are they private links, or Internet circuits?

In fact it is Ethernet Network Service (Metro Ethernet). My Provider has given me 4 x 10/100 network Interfaces. so keeping in view , what is hardware i have required at my side ?

You have a lot of choices.  Options I like are:

Layer 3 switches:

Cisco 3650: http://www.cisco.com/c/en/us/products/switches/catalyst-3650-series-switches/models-comparison.html

Cisco 2960-XR: http://www.cisco.com/c/en/us/support/switches/catalyst-2960-xr-series-switches/tsd-products-support-series-home.html

Routers:

Cisco 891-24X: http://www.cisco.com/c/en/us/support/routers/891-24x-integrated-services-router-isr/model.html

Cisco 891F: http://www.cisco.com/c/en/us/support/routers/c891f-integrated-services-routers/model.html

Cisco 4331 (with performance licence) or 4351: http://www.cisco.com/c/en/us/products/routers/4000-series-integrated-services-routers-isr/models-comparison.html

Thanks Philip for your great help !

one quick question, whether i need both routers and switches ? also I have attached what my provider has given me. actually i am confused that what hardware i have to have ...

Thanks! 

If you use layer 3 switches - then you only need a switch.  No router needed.  The reason I like the layer 3 switches is you need a switch at each site anyway, to plug in all the computers.

If you already have layer 2 only switches, then you could consider putting in a router instead.

The routers do have extra functionality, but you are unlikely to need them.

And then you get interesting options, like the 891-24X, which is a router with a 24 port Gigabit switch built in, with 8 of those ports being PoE.

I believe each site have 70 to 90 users.and if i buy Cisco layer 3 switches, so i need 2 x 48 10/100/1000 layer 3 switches with IP services for each site. right ? 

Thanks !

If you are happy with with "RIP", "EIGRP Stub" or "static routing"  then you only need "IP Base".

If you have that many users, I would probably go for a stacked pair of Cisco 3850's.  You can stack 3650's, but you have to buy extra stacking modules, and after buying those you might as well as bought the higher spec 3850's.

http://www.cisco.com/c/en/us/products/switches/catalyst-3850-series-switches/models-comparison.html

Bravo !

One thing more.. if i have fiber hand-off from provider instead of copper RJ45, will i have to change switch ? secondly, i have CISCO ASA 5500 series firewalls on each site, what if i connect hand-off (fiber/copper) directly to firewall and then connect from firewall to switch ? 

Thanks !

You just need a switch with a fibre module then.

You could use a firewall to terminate the connections.  You wouldn't really need anything else to do the layer 3 then.

But the layer 3 switches will be kick-arse fast ...

I guess it comes down to how much you want to spend.

Great !!!

So, conclusion is that i need Cisco 891 router OR Cisco 3560 Switches at each site to terminate hand off. (Fiber/Copper). And if need to put firewall , i can use on edge.

correct me if i wrong...

Also please see attachment Design and recommend pls.  

Thanks !

and another thing that if i use 891-24x routers for terminating Metro Ethernet hands off. whether it will support 100mb WAN circuit speed ? and might be we increase from 100mb to 200mb in future.

thanks !  

It will manage 100Mb/s no problems.

As long as you don't enable NAT or firewall it should do 200Mb/s easily.