Questions

Network Design Question

+
0 Votes
Locked

Network Design Question

shodg001
Hello,

I work for a company and we are thinking of redesigning the network infrastructure. Currently we have a head office and several regional offices. The head office houses about 75 people and each regional office about 5-10 people. We house about 7 servers ranging from a web server in a DMZ, to a Swyx VoIP server, and a mix of application servers and domain controllers. I would like to find some white papers or info related to designing network infrastructure for this type of environment. I naturally tried google, but I really didn't find what I was looking for. Could anyone point me in the right direction? Also, from your experience is a collapsed core switching architecture suitable for this environment? At what point should we introduce a router? We currently have an astaro device that is acting as our firewall, openvpn server, and edge router. I appreciate any advice that you can give.

I'd also like to mention our motivation for looking into this. We experience certain problems, and I am not sure if it is due to a poor network infrastructure. Our Voip calls within the head office often experience quality issues. It can be even worse when calling the regional offices. Our regional offices are connected to us using openvpn UDP VPN. There also seems to be an issue of saving large files (5GB for example) on our network shared drives (within the head office). They often corrupt. We are also syncing file data between the regional offices and our head office. They have local servers that maintain a copy certain files that are located in the head office. This allows them to access files locally. This improves there ability to work on documents in locations such as Montenegro, instead of try to access the document directly here in Germany.

Regards,

Shawn
  • +
    0 Votes
    robo_dev

    https://learningnetwork.cisco.com/thread/42523

    At a high level, running layer-3 switching, which means creating multiple VLANs and subnets, can help with many problems. For example, VoIP should be on it's own VLAN with assigned QOS to ensure voice quality.

    OpenVPN is a fairly good product, but hardware-based SSL VPNs like Barracuda or Cisco ASA are more secure, have more features, are faster, easier to support, and more reliable, but do cost money.

    +
    0 Votes
    shodg001

    Hello. Thanks for the response. I will definitely check out the books in the link. Concerning putting VoIP in its own VLAN: This seems straight forward when the phone is plugged directly into a switch, but we have phones with the computers attached to them. We also have soft client phones that run directly on the computer with a USB headset. Is it possible to some how segregate this traffic and stick it in its own VLAN? I read a bit about vlan tagging, but I did not see an option on the phones and I am not even sure if it is possible to some how do it on the soft clients.

  • +
    0 Votes
    robo_dev

    https://learningnetwork.cisco.com/thread/42523

    At a high level, running layer-3 switching, which means creating multiple VLANs and subnets, can help with many problems. For example, VoIP should be on it's own VLAN with assigned QOS to ensure voice quality.

    OpenVPN is a fairly good product, but hardware-based SSL VPNs like Barracuda or Cisco ASA are more secure, have more features, are faster, easier to support, and more reliable, but do cost money.

    +
    0 Votes
    shodg001

    Hello. Thanks for the response. I will definitely check out the books in the link. Concerning putting VoIP in its own VLAN: This seems straight forward when the phone is plugged directly into a switch, but we have phones with the computers attached to them. We also have soft client phones that run directly on the computer with a USB headset. Is it possible to some how segregate this traffic and stick it in its own VLAN? I read a bit about vlan tagging, but I did not see an option on the phones and I am not even sure if it is possible to some how do it on the soft clients.