PDA

View Full Version : Fake Network Help If you are board


sonyw810
11-22-2009, 07:31 PM
I am doing a assignment for networking class and I will admit I have yet to implement anything bigger then a few home computers. So I came up with a fake graphics design company and need help setting up a network.(side note: I repair computers and am trying to learn more "advanced")

Graphics department- 4 desktops and a Plotter

Consulting/Accounting- 4 desktops and multi function printer

Main greeting area- 2 desktops

I would like them to be on their own networks due to file sharing taking place in the graphics department and for security in the accounting/consulting department.

here is what I have so far but from here I am not sure where to go:



http://www.technibble.com/forums/attachment.php?attachmentid=588&stc=1&d=1258921806

PcTek9
11-22-2009, 07:52 PM
get a nice switch, and set up 3 groups. I'd get a 24 port from cisco with webview. you have the ability to completely isolate 'groups' from each other on the network. maybe just feed it out of a simple rv01. this way a user can't just hack their pc, change their subnet, and be on the accounting group.

sonyw810
11-22-2009, 07:55 PM
Ok, So I wouldn't need to have a switch per "group"? Just run them all to one and conifure it from there? sorry im blind you already answered this :)

OnSiteSolutions
11-22-2009, 08:03 PM
Id use just one switch and set accounting consulting and graphics each on thier own vlan.

PcTek9
11-22-2009, 09:05 PM
Yeah, you can use vlan's. There's an attack though that cisco says to avoid by using vacl's (vlan access control lists). I would use link aggregation grouping on each vlan, for higher uplink throughput, but you dont have to... don't confuse that with creating named groups of ports. So there you have it use lag on a vlan with vacl. ;)
* in case you dont know, some switches have web interfaces. these interfaces are oftentimes much more intricate than say a 'home router web interface.', i compared it to a home router b/c most home switches don't even HAVE a web interface, and 'commercial grade switches' allow you tons of features and abilities, they usually have at least serial connection ability, sometimes telnet adminability, and sometimes web adminability. (like separating groups of people...) Do beware though that there are limits depending on model. For example on my slm224g cisco i can separate by department and workgroup, but some allow you to set up like 8 groups (max) with 8 users (max) only - (for a total of 8 groups with 8 members each totalling 64 users on vlans) - so there are weird limitations on some models. if you already knew this, i apologize and didn't mean to offend.
actually in your case because the company is so small, you dont need lag b/c you will likely only be having one 'main feed' or 'uplink' (whatever you want to call it...)
** I just wrote a short thing about PVLANS b/c one user was asking how to separate customer pc's from sending viruses to each other when we have them connected on OUR networks for scanning them. (pvlans allow all the pc's in the pvlan to not communicate with any other pc, but just say maybe 1 server, but not each other, of course you can switch that feature in different ones.)
sonyw810 is absolutely right vlans are the best idea. ;)

sonyw810
11-23-2009, 02:01 AM
Thanks guys, I appreciate your help!