If you are getting ready to open a new office for your business, you will undoubtedly have a lot on your mind. Everything from buying or leasing the physical location to making sure it is properly furnished, and much more, has to be considered. For many people, one of the most challenging tasks that needs to be handled will be setting up the new network environment. For more information about the hardware you’ll use, check out How-to Guide: Small Office Network Setup.
Creating a new network environment can be challenging because you need to make sure that everything is done right for fast and reliable connectivity today, but also that there is room for growth in the future. In addition, you want to make sure that you are using the proper equipment while still staying within your budget. Of course, the actual network configuration is also something that can be very challenging.
Purchasing the Right Equipment
The first thing you will need to do is purchase the networking equipment that you will require based on the needs of your new office. The following are some of the most commonly used items that you will likely need:
- Routers – A router is the device that sends data between networks. In this case, the router will be the device that connects your internal network to the public internet. Depending on the type of router you choose, it can also be configured to allow or block traffic based on your requirements for added security. You may also need internal routers to allow specific devices to connect to your network.
- Switches – Network switches are smart devices that can be used to connect two (or more) networks together. This will be essential if you already have another office location, or if your office is large enough to want to set up multiple separate network environments. Related: What is a Smart Switch Exactly?
- Firewall – A firewall is a network security device that is used to prevent unauthorized access to your network from the internet. Depending on the level of security you need, a firewall could be built into your router, or it could be a separate device.
- End User Devices – The end user devices that need to connect to the network will include things like computers, laptops, tablets, smartphones, printers, and more.
Configuring the Private Network
One of the most important things you are going to have to do is set up your own private network. This is the digital environment in which all of your computers and other equipment will be able to communicate locally. Having a local private network is more efficient and much more secure than simply connecting each device to the internet and communicating publicly. Setting up your local area network (LAN) is something that should be done by someone who has experience with this type of thing as even small mistakes can cause serious problems both in performance and security.
There are many different options available for how to create and configure the network for your office. Using subnetting you will be able to have limitless numbers of servers, computers, virtual environments, and other things communicating. You will also be able to use segmentation to ensure you are able to lock down different environments to ensure employees, customers, vendors, and other groups of people can only get access to the network resources that they really need for their job.
Choosing Your IP Range
One of the first things you need to do is decide which IP range you will want to use. To do this, you need to look at how large your network needs to be today, and what type of growth may be possible in the coming years. For almost all small businesses, class C addresses are more than sufficient. A class C network can handle up to 256 hosts and can be broken up into multiple subnets (sub networks). If your company may grow significantly, however, you can also consider class B IP ranges, which can handle 65,000 hosts.
Configuring Your Subnets
There are several strategies you can follow for utilizing subnets for your network. Some people will use a /16 range, which will provide you with a massive number of IP address options. This is good for growth ability, but can open up problems related to security, access, and overall management. If your business is not likely to grow significantly in the coming years, a /20 subnet is almost always going to be more than sufficient. You can then break up your network into multiple vlans for different types of traffic, which will be far easier to manage.
Creating Separate VLANs
Vlans, or virtual local area networks, are an excellent way to divide up your network. This will make it easier to manage (both for adding devices and implementing security policies) while also making it simple to create. For most small businesses, creating /24 subnets for each vlan on your main network is an excellent option. Setting up the following vlans will allow you to keep various types of traffic segmented for simple policy management while also making it simple to connect devices to your network:
- Vlan 2 is for General Data – This is where general data transmission within the network as well as sending and receiving data out to the public internet.
- Vlan 3 is for VoIP – Having a separate vlan for voice over IP will allow you to more easily configure QoS so that you can ensure voice quality on phone calls even during peak network usage times.
- Vlan 4 is for Management – Creating a vlan for management is a best practice as it allows you to lock down who has access to it and you can more easily monitor the environment.
- Vlan 5 is for WiFi – If you use laptops, tablets, or other wireless devices you will need WiFi connectivity, which can be easily managed on its own vlan. You can even break this up into two vlans, one for internal WiFi and one for guest WiFi if that is a service you want to offer.
- Vlan 6 is for Servers – If you are running local servers, they can be on their own vlan so traffic can be easily directed to them efficiently.
- Vlan 7 is for ISCSI – If you are setting up shared storage devices on your network, creating this vlan will make that much more efficient and easier to manage.
- Vlan 8 is for Security – Having a vlan for your security devices and policies will make them easier to access and manage for your administration team.
Of course, you can add, remove, and adjust what each vlan is for based on your own needs and preferences.
Planning is Essential
Whenever setting up any new network for a business, you want to take the time to really plan it out. It is much easier to do things properly the first time than to try to fix an existing network when there are problems down the road. If you have never setup and configured an internal network before, make sure you are working with an experienced engineer to have it done properly.
