I'll try to keep this as simple as I can but with as much info as possible, so bear with me.
I inherited my work network about a year ago and it's something that has just grown organically over time, with every single switch being a simple unmanaged unit - currently it's a flat network. I have recently introduced a Cisco 2960 as a core device connecting all the servers into it along with uplinks to all the other main switches in the main building, the firewall and links to other sites.
An opportunity has arisen (due to an office move) to get some budget to improve the network and also to purchase an IP Phone system to replace our ageing digital system. My plan is to purchase 2 more 2960 switches and stack them with the existing unit to improve connectivity between desktop PCs and servers.
At present we're running a 10.0.0.0/16 addressing scheme and have the following ranges in use:
10.0.0.0 - Servers
10.0.1.x - Desktops (no internet access)
10.0.2.x - Desktops (Full internet access)
10.0.3.x - Desktops (limited internet access)
10.0.4.x - Printers
10.0.5.x - Wireless Infrastructure
10.0.6.x - Time management devices (clock machines)
10.0.7.x - IP Phones on our current digital system
10.0.8.x - IP CCTV Cameras
10.0.9.x - Mobile phones
My plan is to subnet things off and go for:
10.0.0.0/16 - PCs, printers, wireless, time management, mobile phones (VLAN1)
10.5.0.0/16 - IP CCTV (generates HUGE amounts of data) (VLAN5)
10.10.0.0/16 - NEW VoIP System (VLAN10)
The idea is to run the VoIP on a physically separate network (separate switches) from the rest of the network, as we don't have QoS switches anywhere on the current LAN, and use a Layer 3 switch to route between VLANs.
The VLAN1 and VLAN10 will need to have some crossover due to desktop apps that coexist with the phone system but no traffic from VLAN5 and 10 should ever meet.
To save money the management are not keen on buying in 2 x 2960 devices but just the one and reusing one of our current unmanaged devices on an uplink from the 2960 stack.
This obviously means that I'll have a mixture of VLAN tagged and non-VLAN tagged traffic at the network core. I'm not worried about outside of the core where there are only a couple of devices per switch etc... but I'm concerned that I won't be able to guarantee a service level.
I know that there will be flaws in the way I've thought about moving forward but in the absence of anybody with any knowledge at work to bounce things off, I need some help in getting the best possible network design based on replacing a few key switches.
If anybody is still reading, thank you very much!!! :) Any and ALL suggestions are very welcome.