Hypothetical Network

I was taking a shower this morning (yes it is that time a year when I must take a shower :( ) and I was thinking about if money wasn't a big deal and I could revamp the entire network for my company from the ground up what would I do. I thought about everything going to fiber-optics and retina scanners to enter server room and all that stuff. However I decided to think more practicle. So I a pose a question to the AO community-

If you could rebuild your network what would do? Not only server software wise but also what software packages would you have on the individual machine? How would you manage it and so on?

I am still thinking about this question but I thought it could make for some good discussion.

- MilitantEidolon

That's a pretty hard question to answer without knowing something about your network. What does your company do? How many users? How many offices? What are your primary user complaints? etc.

It's kind of like saying...I'm going to go on vacation. What should I take? I guess it all would depend on whether you're going to the beach or you're going skiing. Know what I mean?

Quote:

---

Originally posted here by MilitantEidolon
I was thinking about if money wasn't a big deal and I could revamp the entire network for my company from the ground up what would I do

---

This thread may be of interest to you

http://www.antionline.com/showthread...network+design

As Tk said it is a difficult question to answear because every company has different needs, however I do understand your question and will commentate on the network I am admistering. I can not say though what kind of network I would like to incorporate if I was on a unlimited budget just because for the needs of this company I have been given everything we need. Our biggest needs has been high availability and advanced QoS. After that have been security and managment.

-PIX 6.3
-Cisco PDM v4.0 for FWSM 2.2
-Cisco VPN 3000 concentrator
-Dell Power Edge 4600 w/ Windows 2000 server running all required network services, win2k DNS, AD, M1 and all other specialy needed personal business software.
-Poweredge 6600 w/ Windows 2000 server holding all shared network folders and also running exchange server running open relay filter.
-78 total workstations running. 5 of these are laptops. 3 of these are slackware boxes I use for various network troubleshooting and matinence task. The rest run windows 2000 or XP pro. I have not installed SP2 on any of the XP machines due to what I think are obvious reasons. The rest have all the latest updates, patches, fixes, kernels and all that jazz.

When I came to this company the network was looking pretty shotty. They were still using a DSL line with a average 50 user load. lol. So I have redone the entire thing from the ground up almost. It is my baby and I think for it being the first network in a business setting I have set up I have done well. Then again it would have been a huge pain in the ass if my superiours were not so willing to work with me and give me almost anything I asked for. So in summeration this is my prefereable network in all ways.

*Forgive any spelling/grammer errors I wrote this pretty quick and in spurts and the spell check isn't wanting to work.

I am sorry my question was vague. I wasn't asking the question to be about a specific company. I was just wondering. But ok. Here we go I will ask about a specific corp.

Alright here we go. The networks are as follows.

There is an internet network and a intranet network (these two do not touch in anyway). There are around 20 computer in the internet network and approx. 50 computers on the intranet. These computers are using roaming profiles and are getting their authentication from a Windows 2003 server. After the authentication from the 2003 server they are able to access our DB server. The DB server runs on a 2000 environment.

The client computers are running a mixture of windows 2000 and XP pro. As stated before they have roaming profiles.

Now what would your decisions be?

I have a few ideas on what I would like to do but I would like to here from the AO community.

I would start by recontructing the entire network. I would like to get all users on the internet, however that doesn't seem like an option. So, I would continue using the roaming profiles and authentication the way it currently is. However, all the ports on the computer would be disabled and their printing would be changed from local printers to a few main network printers. All the computers would be running on the same box with one master image to re-load them all.

Since I strapped for time I will re-post later but this is the bulk of it.

- MilitantEidolon

You say that the Intranet and Internet networks do not touch in any way. How so? Let me explain... All the PC's (running XP and 2000) utilise roaming profiles. This means, to me any way, that they must all be on the Local Area Network. Is that right?

Assuming that all the PC's and servers are on the same Local Area Network, I would do the following:

1) Configure a server (or even better server farm) for the Intranet. Inside the Local Area Network.

2) Have a seperate proxy server for Internet access (Internet gateway). Connected to a T1 pipe to the Internet through a firewall. Have some web filtering / anti-virus software installed here too.

3) Have a seperate Intrusion Detection System server monitoring the Internet traffic. May be with a seperate machine to dump and process the logs.

4) Use a seperate server for the roaming profile and user authentication.

5) Ensure the Local Area Network is switch based rather than hub.

6) Install anti-virus software on all the PC's and have them automatically updated / managed from a central point, perhaps the Internet gateway.

7) Upgrade the 2000 PC's to XP Pro. That way you have commonality.

I'm sure other, more knowledgable AO'ers will be able to pick holes in this or enhance it. Please feel free to critique.