I understand the general concepts of LANs, VLANs and subnetting (IP addresses, how they consist of binary code, the broadcast address (LAN), layers of the OSI model, etc.). I studied networking at university about 3 years ago.
However I was never taught how to apply these things in practice.
I am involved in a project that requires implementing 3 networks using the same hardware, please see below for a brief explanation:
We have a network with a router/firewall SonicWall TZ 190 IP 192.168.0.1 and DC IP 192.168.0.4 (DHCP on), using 2x 4000 HP Procurve switches to connect the end nodes (around 60 PCs, which we call "the business" network).
1- We want to implement around 70 extra computers in the network, which would need to be "separate" (not able to see the business network) but still able to access a server hosting a database, where this specific server would still communicate with the business network in order to synchronize the data.
2- We want to implement around 20 extra computers in the network, which would be the same case as above, where they won’t be able to see the business network or the second network, but would still be able to access the same database server, which is also still able to communicate with the business network.
What would be the easiest and most manageable way of achieving this? Subnetting? VLAN? Neither?
What sort of hardware would we need? (We also have a spare Draytek Vigor 2820n.)
We are also concerned about security, so from what I understand subnetting isn’t the most secure way. Is that correct?
I hope I was clear enough. If you need any extra info, please let me know.
Please find attached 2 diagrams, current situation and ideal situation.
Thanks in advance.