1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Education Optimise company wide network. What's the battle plan?

Discussion in 'General' started by dragontail, 26 Mar 2011.

  1. dragontail

    dragontail 5bet Bluffer

    Joined:
    9 Jun 2005
    Posts:
    1,779
    Likes Received:
    30
    I've been asked to lead a company wide internal networking review.

    * Software based company with 5 or 6 sites, 30-40 staff, many computers.
    * It's a bit messy at the minute, loads of VPNs going everywhere (hence the review).
    * The time scale is months.
    * Things to look at include accessibility, security, growth potential, performance, resilience, etc.
    * Technical director has offered guidance.

    At this point you're thinking: cheeky question son! Go do some research you lazy punk. Haha I agree - but this is difficult - I'm a graduate 6 months in and haven't done anything like this. Don't get me wrong, this is challenging but in a good way - all I'm looking for is advice. Anything you can think of really. Fire away.

    Fwiw, my first step is to get a Test Plan. Currently deploying googlefu.
     
  2. Picarro

    Picarro What's a Dremel?

    Joined:
    9 Jun 2009
    Posts:
    3,331
    Likes Received:
    134
    I have next to no experience networking myself (think bog-standard 200 square meter villa).

    What I would do is draw up a schematic of how everything is connected at the moment, then consult your list of objectives with the restructuring, and then start moving pieces about :)
     
    dragontail likes this.
  3. dragontail

    dragontail 5bet Bluffer

    Joined:
    9 Jun 2005
    Posts:
    1,779
    Likes Received:
    30
    Agreed. How do you do a review if you don't know what it looks like right?

    Ah, things like this makes me wonder how rubbish my own home network is :lol:
     
  4. Fruitloaf

    Fruitloaf Tinkerer

    Joined:
    5 Jun 2002
    Posts:
    236
    Likes Received:
    4
    Apart from finding out what you have now you haven't mentioned what you are hoping to achieve and what sort of budget you're looking at? With 5 or 6 sites you haven't really got many people per site and if they're geographically dispersed they could be a pain to support.

    It sounds like this could be a perfect scenario to deploy something like Google Apps and keep all your stuff in the cloud to reduce your support and backup burden while giving you some good collaboration software. Alternatively a centrally hosted email solution plus something like jungle disk is an alternative that might work for you.

    One place you might want to think about heading for some advice is the Spiceworks community (https://community.spiceworks.com/) which is excellent for this sort of thing.
     
    dragontail likes this.
  5. bemused

    bemused What's a Dremel?

    Joined:
    9 Jan 2011
    Posts:
    95
    Likes Received:
    3
    Looks like you need some Cisco ISRs and learn to take advantage of networking companies 'pre sales' cycles.
     
    dragontail likes this.
  6. dragontail

    dragontail 5bet Bluffer

    Joined:
    9 Jun 2005
    Posts:
    1,779
    Likes Received:
    30
    These are great suggestions, thanks chaps. I'm looking into all your suggestions, keep them coming. Anything - for example have you used a good networking tool in the past? Seen something done bad that should be avoided?

    And of course much deserved +rep for the help!
     
    Last edited: 27 Mar 2011
  7. Fruitloaf

    Fruitloaf Tinkerer

    Joined:
    5 Jun 2002
    Posts:
    236
    Likes Received:
    4
    The Register has recently had a few articles on network diagramming tools that you might find useful.
     
  8. Zoon

    Zoon Hunting Wabbits since the 80s

    Joined:
    12 Mar 2001
    Posts:
    5,495
    Likes Received:
    630
    Not meaning to be blunt, but your average network consultant would charge a grand a day to fix this for your company, the cheeky sods are making you do the leg work for nuffin extra, make sure you get the best out of it - maybe tell them you need a N+ or CCENT bootcamp so you can learn the technology involved to get the right answers ...

    I'd recommend you get a Cisco ASA5510, on a static IP address, and connect everything into that. If you need resilience you can buy two and put them into stateful failover mode, but you'll need two public IP addresses for it, and then you have to ask how your ISP resilience will work, because the static IP won't necessarily failover between the two, unless you get resilience via your ISP.

    They'll be around £1700 each, and would serve as enforcement point for internal connectivity, as well as providing both L2L and VPN Client access to internal and external individuals.

    You'd then apply an ACL on each VPN to only allow them to access certain resources on your local network.
     
    dragontail likes this.
  9. dragontail

    dragontail 5bet Bluffer

    Joined:
    9 Jun 2005
    Posts:
    1,779
    Likes Received:
    30
    Ah thanks Zoon. It's a bit of a learning curve I admit. The MD is looking at potential CCNA courses which should help massively. I'm always keen to do a bit of proactive research though.
     
  10. RichCreedy

    RichCreedy Hey What Who

    Joined:
    24 Apr 2009
    Posts:
    4,699
    Likes Received:
    172
    windows 7 ultimate and windows server 2008r2 with branch cache et al set up, should mean no more vpns here there and everywhere

    branch cache
     

Share This Page