Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Moving from a Hierarchical Network Design to Flat Network?

Posted on 2009-04-23
8
Medium Priority
?
441 Views
Last Modified: 2012-05-06
We are Community College with a Cisco Network design. We currently have five campuses connected by metro E links. Each campuses have their own set of VLAN's.The school has hired Jim Grazcyk of Netway Solutions to evaluate our IT dept and network. He has recommended virtualizing some of our servers, manned help desks, active directory, exhange, etc. Most of these items are needed. The one thing that has puzzled us is why would we move to a flat network? Would this not lead to disaster? How would you handle the broadcasts on a network with 1700 computers and numerous other devices that pull ip addresses. Is there any reason for this (for virtualization? I am not familiar at all with this technology yet). How would we route traffic between campuses? Any way, as you can see the we are questioning this design change. Any input would be appreciated.
0
Comment
Question by:flyboy0_15
  • 4
  • 2
  • 2
8 Comments
 
LVL 21

Assisted Solution

by:from_exp
from_exp earned 1300 total points
ID: 24216952
hi!

I suppose Jim and you  have different understanding of meaning 'flat network"
it is clear, that you should have vlans and subnets for different types of equipment, you need access layer aggregated to core....
I don't know what is your current topology looks like, but simplicity should always be a key.
Networks tends to grow like trees and you have to cut some branches from time to time in order to create smooth look to a garden tree....

as for virtualization - true, you can improve your infrastructure with virtualization -  fewer servers to maintain, more efficient hardware resource usage, lower TCO etc.

We moved half a year ago to a virtual world and we have now only several dozens of hypervisors enclosed into HP blade chassis instead of hundred of separate servers... It is true, that you will face a lot of hidden problems, virtualizing everything around, but the result is really worth doing that.
0
 

Author Comment

by:flyboy0_15
ID: 24217873
Should we go to flat network?
0
 
LVL 21

Assisted Solution

by:from_exp
from_exp earned 1300 total points
ID: 24217901
What do you understand under term 'flat network'?
If you are talking about single subnet for all, then answer is negative.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:flyboy0_15
ID: 24218310
Yes, we are being informed that the AD needs to exsist on one network.
0
 
LVL 21

Accepted Solution

by:
from_exp earned 1300 total points
ID: 24218465
nope, it is not correct.
AD can have multiple sites.
For example, we currently have server vlan with AD, exchange, etc, workstation vlans with workstations and a lot of different vlans for specifig services.
0
 

Assisted Solution

by:bepe86
bepe86 earned 700 total points
ID: 24218490
No, you should _not_ move to a flat network of that size, and for a number of reasons

 - amount of broadcast traffic
 - lack of security through firewalls or access lists
 - one rogue DHCP-server would affect the entire network
 - troubleshooting the network is extremely difficult
 - it's really ugly (!)
0
 
LVL 21

Assisted Solution

by:from_exp
from_exp earned 1300 total points
ID: 24218512
bepe, thanks for support :)
0
 

Assisted Solution

by:bepe86
bepe86 earned 700 total points
ID: 24218550
And for the record, _exp is correct, AD does not need to exist on a single subnet. If that was the case, only small businesses would be able to use it.
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to fix a SonicWall Gateway Anti-Virus firewall blocking automatic updates to apps like Windows, Adobe, Symantec, etc.
This article will show you step-by-step instructions to build your own NTP CentOS server.  The network diagram shows the best practice to setup the NTP server farm for redundancy.  This article also serves as your NTP server documentation.
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question