New Switch Design

Unanswered Question
Jun 14th, 2007

Hi all,

I am tasked with designing the network infrastructure for a new office. There are up to 180 network points. There is one production segment, one UAT segment and one guest segment. These segments streamline the purposes. For example, the guest segment is meant for guests' wireless access, and they are only allowed to surf the internet through the company's internet access.

How should I go about designing the network?

Any suggestion is welcome!

ariela Thu, 06/14/2007 - 23:28

Hi,

First suggestion, an obvious one: use VLANs to separate production from the UAT and guest segments in your L2 topology.

See these:

http://www.cisco.com/application/pdf/en/us/guest/netsol/ns656/c649/cdccont_0900aecd804ab672.pdf

http://www.cisco.com/application/pdf/en/us/guest/netsol/ns656/c649/cdccont_0900aecd804ab67d.pdf

Then use 802.1X + RADIUS server authentication:

http://www.cisco.com/application/vnd.ms-powerpoint/en/us/guest/products/ps6662/c1161/cdccont_0900aecd80313f72.ppt

http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12225see/scg/sw8021x.htm

For wireless, another good thing to know is Fast Secure Roaming:

http://www.cisco.com/en/US/products/hw/wireless/ps430/prod_technical_reference09186a00801c5223.html

The gateway will be an L3 device that works as a router on a stick for inter-VLAN routing: here you could apply your policies about Internet access for Wi-Fi users, and anything else you need.

This is very essential. However, your focus must be "High Availability" of your network services, "Security", and "Fault Tolerance". If you need more info, you're welcome.

HTH

Andrea
