I'm planning to segment a school network. It is one big broadcast domain. The network has about 250 PCs, 50 laptops, 30 Macs, 15 networked printers and 7 servers. Currently we are on a gigabit ethernet connections using a layer 3 switch and several layer two switches.
We hope to go wireless in the near future as well.
The task/challenge for me is to segment the network to create a secure network making full use of the layer 3 switch and also increase the efficiency of the network by elliminating excess and unecessary traffic.
Currently there are about 800 students and 80 staff who are users. We use Active directory to authenticate users who want to access resources on the network.
The current topology is simillar to the attached picture with class B address of 172.16.x.x /23
Any help would be much appreciated