Solved

Not sure what route to take

Posted on 2014-11-05
Last Modified: 2014-11-11
I am in the middle of redoing the network and firewall (I am a former Cisco guy), but due to the difference in price I was unable to use Cisco.

Products
ProCurve 29XX and 1XXD Fortinet. Having a difficult time making a decision and probably overthinking this, but this is the first time I don't have a team to help plan things out. This would be much easier in a brand new environment.

Network Details
Middle of a complete network overhaul. Trying not to interrupt normal production at the same time, but I know there will be some.

I already rewired the engineers with CAT6A shielded. The previous IT admin didn't use a patch panel and has random home-grade switches spanned across 60k sqft with no backbone cabling and 3 24-port SMB unmanaged switches as the core. You cannot tell where any wires are going; it's a complete mess. I'll upload a pic later today.

My Idea -- Overall Idea
To keep production flowing, rewire one department at a time; it worked for the migration to the new domain, etc.! 1 CAT6A cable for data and future 10G speeds and 1 CAT6 for VoIP (keeps cost down; VoIP is not yet implemented, that is a future project). Create VLANs as I go and keep the original LAN as the management network once everything is said and done.

First Implementation
Move designers from the old switch to the new one and set up a VLAN for them. Install the new firewall and use a router. Connect the old switches to the new firewall to keep everyone working.

Internal
VLAN10 192.168.2.1 Engineers/Programmers -- These guys can talk to everyone but Office.
VLAN20 192.168.3.1 Shop -- Need to see main directory same as Engineers but cannot talk to Office, IT Management, or Managers
VLAN30 192.168.4.1 Office/Managers -- Can see everything but Management network
VLAN40 192.168.5.1 Management -- Segregated to admins only -- Firewalls, Motion, etc... Exchange, DC, etc.
VLAN60 192.168.6.1 Printers -- Everyone can see them
VLAN70 192.168.7.1 Machines -- Only need to see Shop
VLAN80 192.168.15.1 Guest
Now my question is: do I need to put the file server and DC and all the servers on the management network and trunk the ones who can see it or have access? Or what's the best way to do this?

External
We have a few IP addresses, and what I wanted to do, since we have 3 WAN ports on the gateway and 3 usable addresses, is separate traffic: guest/employees use .89, Exchange/web server uses .88. Is this a bad idea? Create multiple pipes out.

Data Center

The messed up part of the data center, since I had to do the systems upgrade before the network. So I had no choice, since the cables were not marked, etc., and recovery from disaster right before new hardware arrived ... 3 unmanaged "core switches" that connect everyone. I have also attached pics if this is all garbled up.

Just too many ways of doing this and only one person to think this over.

The question is WWEED *what would Experts Exchange do*... How would my fellow engineers go about this, or any flaws in this design?
Patch-panel-Designers.jpg
Old-closet.jpg
Server-rack.jpg
Question by:Chuck Finly
2 Comments
 
LVL 50

Assisted Solution

by:Don Johnston
Don Johnston earned 250 total points
ID: 40424506
The question is WWEED *what would Experts Exchange do*... How would my fellow engineers go about this, or any flaws in this design?
I think that you're going to need to be a little more specific.  

Now my question is: do I need to put the file server and DC and all the servers on the management network and trunk the ones who can see it or have access?
You can go either way.  Personally, I like putting the servers on a "server network" if possible.  Makes it easier to manage access.

On the vendor selection, I'm a Cisco guy (been a CCSI since 1999). But I run into everything when consulting.  And if you can't go Cisco, I would go with HP.  You can't beat unlimited support.  And the CLI is close enough to Cisco that it's relatively easy to pick up.  There are a couple of diversions ("trunking" for example), but not impossible to overcome.
 
LVL 12

Accepted Solution

by:
atrevido earned 250 total points
ID: 40425119
I love HP switches because they are cheap, have unlimited free support and lifetime (free) warranty. Can't beat that. They work in the worst environments, which is what I need. We only do Cisco routers but all ProCurve switches. Here is a great guide on Cisco and HP terminology and CLI reference. Like, if I do it this way on a Cisco, what are the commands on the ProCurve.

OMG, you're using Dell switches.  You'll be THRILLED with Procurve then.

If I was replacing all switches I would program new switches with my static addresses and all the VLANs, program them and attach them to the old ones in series (uplink). Test VLANs and routes, then I would slowly migrate people over, moving the patch cables. When the Dells are empty, just move the uplink from the new switch to the router. Then I would work on the router. If it was just me doing all this work I would just do it step by step, starting with the easiest, which IMHO is the switches.