Network Design for office of Independent Contractors

Who is providing the computers - are they their own, or are all systems the same and provided by the office?

If they're all provided by the office, I would still put them in a domain with accounts.  They don't have to share anything - you can give them all their own home folder, back them up, provide printing and Internet - and even charge them for it.

i run many realestate remote and host sites.  I would always recommend a domain structure over a workgroup.  Int eh long run they will want to share files and printer, etc.  it is best you put he domain in place first.  One thing i would also do is purchase a pix 501 or higher(depending ont he office size).  This will provide protection as well as remote vpn access and int eh future you can build static vpn tunnels to other sites if need be.  the pix code is very easy to learn.  For your internal users, the domain structure is the best solution.  anything else depends on what they need to do for daily functionality.

They are provide their own PCs/Laptops.  Alot of them come in with Home Editions of XP or 2000.  So right off the bat they need to spend $200 to upgrade to XP Pro and then I have to migrate their data and setup there accounts.  Obviously I don't mind doing this but often times they don't need anything other than the internet and printing (which they can directly attach to).

I understand and have implement the domain architecture secured with Watchguard products.  I am just wondering if this is the best setup from a business perspective.  Do you just force the agents to pay or give them options.  It definitely makes sense for the office and its staff to be part of the domain, but the agents is where I have the debate.

Thanks for your suggestions.

i would definitley make them pay for upgrades.  this is their business and as much as they dont think that it is neccessary, they never realize until something fails or doesnt work or cannot be done with an existing infrastructure.  In the end it benefits them and the IT administrator.  Just make sure you plan out hte right solution the first time.  It is usually easy getting money once, but when you have to go back and ask for more money for upgrades later, they tend not to like it.

To answer your question, YES.  make them pay first.

yes it would, but would create a more sound infrastructure.

So maybe a good solution might be to put the office on the domain and on their own VLAN.  Any agents that want to be part of that system, pay to be a part of it.  Any agents the don't see the need for all that get a Hot Jack on a seperate VLAN to access the Internet and printers.

>>Any agents that want to be part of that system, pay to be a part of it.

You don't really have to have two vlans.  They can be on the same IP network, but not be members of the domain.  They could still get DHCP and Internet and IP Printing.

If you give them a domain login - what does that buy them?  Just the opportunity to store files on a server?  No big deal - unless you add value.  You could back that server up nightly, so you're offering them a file backup service.  Or "membership" could include X free hours per month of technical support - for anything pc/laptop related.  I would make it a per month cost, so you get residual income.  I would not make the hours carry over.

Or ... heh heh heh ... you could RATE LIMIT the non payers with some fancy network gear and either open up or prioritize your paying customers ... <wicked laugh>.

As part of your support - you could offer a monthly spyware/virus sweep, defrag, housekeeping.

All just depends on how much you want to futz with their machines.

vlans?  now you are talking about layer 3 switching.  do you have a layer 3 switch?

You can get VLAN features in Layer 2 switches which are in some of my installations.  I guess my reasoning behind the VLANs is that if I just give agents a Hot Jack, the only real way to control a virus outbreak or something from affecting everyone on the LAN is to segment it.

Pseudocyber - good suggestions on value add propositions!  If you have anymore I am all ears.

CBT - what do YOU want to do?  We can think of all kinds of stuff - firewalls, layer 3 switching, port authentication, etc.  How much money do you have to play with, what are your minimum requirements, what are nice to haves, what are crazy things you might want to hear about?

Well, the ideas that have been given are great.  I am just looking for a solid way to create a computing environment for that type of business.  I think I have a pretty good idea now.  Thanks!

Freya28 - can you give me an example of a piece of equipment that will do the port authentication and virus sweep before allowing access?

Pseudocyber - I want my customers to be efficent and profitable through my technology solutions and make some money doing it.  The amount of money I have depends on the what I can sell them on.  As long as I can show value, I have a good chance of implementation. They all currently have 2003 domain architectures, layer 2-3 switching, Firewalls w/ VPN access, Exchange 2003 w/ OWA active, wireless access and an antivirus solution.  If there are things I am missing that can add value to their business...I will entertain any suggestions.

Thanks for all the suggestions!

Like Pseudo said, what type of budget are we looking at.  But for equipment, I use Cisco 3750 Catalyst switches,  they can handle the port authentication,   you then have to implement Cisco virsu protection, if this is what you want to do,  but all cost money.  here is a link to explain

http://www.mcafee.com/us/about/press/corporate/2003/20031118_071634.htm

and again,  there are many things that can be imnplemented and the thing is to effectivley choose the one that fits into the situation at hand.  

Thanks for all of your comments.  I have split the points as I learned a bit from each of you.

Thanks!

Thanks.  :)