Im working on segmenting my network into different vlans, and I'm going to create vlans for network devices, servers, PC/printers, phones, wifi, cameras, etc...
I'm also debating whether I should also further vlan my departments into different vlans, or just leave all computers together. Most of the vlans will need to talk to each other, like phones will need to talk to the servers vlan and the comptuers vlan as we have a phone softclient that directly communicates with the phones and the server. I'm trying to weigh between security and convenience.
So I don't want to add to much complexity, but just wanting to get different viewpoints of what would be the best method. We have about 95 employees, so about 90 computers, 90 phones, 35 servers, UPSs, etc.... in total, I have about 350 or 400 network devices.
I am mostly running cisco 2960x's, a few 3850's and a few 2960S's.