[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vip /vp / vr / w / wg / wsg / wsr / x / y ] [Search | Home]
4Archive logo
/g/ help me out with this:
If images are not shown try to refresh the page. If you like this website, please disable any AdBlock software!

You are currently reading a thread in /g/ - Technology

Thread replies: 104
Thread images: 5
/g/ help me out with this:


You must design a network for a two floor company of 200 users. Include what devices you would use.


I would split the network into 5 vlans. The switches have 48 ports each. Is the best method?
>>
>>52569106
Do your own homework, kid.
>>
TOKEN RING
>>
>>52569106
ROUTER ON A STICK! is always the answer.
>>
>>52569132
>implying /g/ knows networking
>>
not doing your homework for you op.

This is an easy open ended question however

ps there's no need for multiple vlans unless you're autistic.
>>
>>52569220
What about when those 200 computers boot up on the network? Would you really want a broadcast packet from every computer on your network at the same time?
>>
>needs of the user status: ignored
>>
>>52569320
what?
>>
>>52569220
Don't listen to this pleb.
>>52569261
vlans do more than breaking up broadcast domains; which doesn't matter with only 200 stations. In this scenario it would be used to segment the network into roles such as mgmt/wifi..etc
>>
>>52569220
I usually use vlans alot specially for diffrent kinds of groups of people not able to connect to example the staff of the company / wifi segmented from the main working ground or even have 2 wifi's 1 for the company and other for guests whatever you want my friend.
>>
>>52569474
Beat you by 15sec sucka!
>>
>>52569469
>>52569474
Okay, then what about the hardware? Would you use 5 switches daisy chained or what?
>>
>>52569533
Not enough info to answer. Depends on needs and budget.
>>
I run more than a few 200+ networks for a managed service provider. Here's how things work.

Every every office should be wired up with a jack on 2 walls. If you're talking 100 users per floor you probably want to terminate each floor to a series of patch panels located on each floor. Run those patch panels into a couple of 64 port Cisco switches per floor. Connect the switches with 100gb multimode fiber. The switches terminate with 100gb multimode fiber into a nice cisco router.

This is how literally every enterprise level network is designed.
>>
>>52569604
>If you're talking 100 users per floor you probably want to terminate each floor to a series of patch panels located on each floor. Run those patch panels into a couple of 64 port Cisco switches per floor.
Do you really need two 64 port Cisco switches per floor? Is there a reason not to use 1 64 port cisco switch + a couple un-managed $20 switches?
>>
>>52569604
And on the subject of VLANs.

1 VLAN for IP phones
1 VLAN for VPN users
1 VLAN for the Public/Guest network
1 VLAN for Corperate

>>52569642
Layer 3 management, POE, Remote management, because that how you do it right.
>>
>>52569642
>un-managed $20 switches in an enterprise environment

It's like you actually want there to be future problems that you'll need to deal with later.
>>
>>52569505
beat you by 9 minutes sucka
>>
>>52569604
Just thinking about undertaking a job like this made me so comfy.
Is there something wrong with me?
>>
>>52570638
Eh. It's a ton of dirty work and I avoid it when I can. We have a guy who does most of the wiring for the company.
>>
>>52570698
I was just up above drop panelling for six hours today at a clients office fixing a botched job from their old MSP. Makes me really appreciate the well thought out and professionally done jobs a ton more. I'm mainly back office, RMM, marketing and HR stuff, but I love going out with our engineers when they need help pulling cable. Really satisfying work.
>>
>>52570763
Going into a well organized network is fucking awesome. Last week some client we only do a very small amount of work for called up needing us to light up a new office. All the wall jacks and patch panels were labeled. All I had to do was find the person's new "numbers" and connect the patch cables. I went over there thinking I would at least have to tone down the run and maybe even run some cable. Because they had VOIP phones the job almost did itself.
>>
>>52569106
5 Vlans, are you retarded. That is alot of fucking traffic on the Vlans. Go 8 or more.

I would use 1841 cisco router
I would use 2560 switches.
>>
>>52569178
I do, I am a qualified network engineer
>>
Just buy a few apple airports and place them around the place.
>>
>>52570763
You pull cables. Any retard can do that.
>>
>>52570835
And if you need security, use a ASA 4.1 ISO enabled 8.714(t) device.
>>
>>52570857
You are retarded.

If you do use cisco or juniper, you are killing your network.

No other company produces proven technology like those do. Security is why you do not buy "apple networking turds"
>>
>>52570913
why are junipers commands so retarded?

request system halt
>>
>>52570913
Don't you mean if you are not using cisco or juniper, you are allowing your network to be controlled by a company which has less experience then those two companies.
>>
>>52570913
Is what they teach kids these days? Apple Airports are literally top of the line networking equipment.

The Apple ecosystem is the way to go.
>>
>>52570929
Umm they can't copy cisco commands?

They also have a completely different experienced software engineer team which think different like a certain fruit company that retards keep buying shit from.

They also almost copy hardware designs. I am surprised they have not been sued by having an almost exact hardware layout.
>>
>>52570945
Oh yeah, I will be sure to tell all of the network industry that apple is the best networking vendor on the planet. When I see someone not using apple products, I will tell them they are retarded like /g/.

I am at this point going to say apple, don't you mean linux you useless uneducated American.

Linux is the second most used networking application on the planet. Cisco the the top.
>>
>>52569106
>>>/r/homeworkhelp

also, your vlan answer just makes you look like a fucking moron trying to act smart.
>>
>>52570983
>Apple
>Linux
Hohoho, look at this scrub. I fear for the future of networking, when the pros like me retire we'll be left with these kids installing Cisco routers all over the place.
>>
>>52571012
Apple is not and will never be a networking choice for enterprise uses.

You understand that your home router has a modified linux system running in it?

That is, if you brought a non cisco router.

I hope so.
>>
>>52571043
why are you fucking responding to that comment like it is real?
>>
File: images.png (6 KB, 228x221) Image search: [iqdb] [SauceNao] [Google]
images.png
6 KB, 228x221
Nobody suggesting a fully connected switch topology.
>>
>>52571043
>Apple is not and will never be a networking choice for enterprise uses.
I feel like I'm being trolled here.
>>
>>52571012
>Pro
Get fucked you lying piece of shit.
How you speak to me, it is as if you have never done anything advance in a networking job.
>Or even been employed as a networker.
>>
>>52570892
Fuck those ASAs. Just use a proper IOS router and ACLs.

If you're super lazy and/or just retarded, Meraki is super easy to manage. A previous IT guy had sold one of my clients on the entire Meraki suite. Switches, router, APs, the works. Sure, they are locked into a recurring fee, pretty much forever to keep using the equipment, BUT.... Damn it is easy to manage. All the APs are perfectly placed on Google Maps. I can see each client's traffic going in and out. I can update the firewall and network policies in real time from my laptop, anywhere. All through a simple, effective web GUI. I can leave it alone and it takes care of itself, even pushing firmware updates and scheduling reboots automatically.

Now, you can do ALL of this with a proper cisco router like an 1861. It's just super complicated and requires a ton of work in CLI. You have to tinker with the settings and play around with your ACLs. You gotta basically have a CCNA to do any of that. I don't have one and I am only just barely able to keep up with the guys that do. It's amazing how these routers never really get obsolete. They just remain perpetually difficult to setup. Don't even get me started on CCP, that bloated piece of shit.
>>
>>52571073
I already have cancer from the desktop thread.

I must reply so I can die before these stupid cunts run this planet.

>Trump will be president.
>Americans be gone from the Internet
Bad or good thing. /g/ be the judge.
>>
File: itcrowd1.jpg (32 KB, 450x254) Image search: [iqdb] [SauceNao] [Google]
itcrowd1.jpg
32 KB, 450x254
>>52571076
Because that's stupid, anon. You're networking an office, not a supercomputer cluster.
>>
One wireless router for each computer, no encryption, and no dhcp server because any REAL network engineer knows every ip on his network and plays it fast and dangerous
>>
>>52571077
No you're not.
As a consumer product with their faggot ad hoc networking devices, well that is all they are good for.

As a mass scale product for networking, you would use UNIX, unless you are fucking retarded.

As a free solution to UNIX you would use linux(distro here). I have worked in many network design projects and I have never once seen apple directed design. I cannot hold the cringe I feel when I think enterprise networking + apple devices.
>>
>>52571095
tl:dr

I said cisco ASA for compatibility, in my network designs, I suggest edge linux routers.

They do deep packet scanning at a faster and much cheaper rate.

>$7000us cheaper per 500 computers.
>>
FLAT NETWORK
L
A
T

N
E
T
W
O
R
K
>>
>>52569106
I think I laugh when I see the textbook example of making a vlan for "Sales, Marketing, etc".

Unless the business is transferring gigabytes of data per day no one would know if they were plugged into one big 200 port switch.

Separate networks by business need. That means if you don't need it, you don't have access to it. Even pfSense running on a $40 Celeryon could do everything you need and more. Any stackable managed switches would provide the same user satisfaction as a Cisco Nexus.
>>
>>52571161
Security
Security
Security

Packet scanning
Packet Sniffing
Packet Forging

I can go on will all the switch attacks.

VLANS are more for segmenting a flat network while adding control and security.
>>
>>52570913
> juinper
I wonder how many other 'accidents' are left in their code for the nsa to use as a backdoor.
>>
>>52571109
No shit. This thread went stupid well before that post. But now we want OP to fail his assignment.
>>
>>52571161
So you will trust your complete and profit earning business to a $40 device(s)/service.

Wow, /g/ knows nothing.
>>
>>52571161
i dont get it, are you saying using separate vlans for sales, marketing, etc is a bad thing?

if so i hope you never work for anyone that has to do pci compliance.
>>
>>52571135
FreeBSD handles networking better than Linux. I don't like any BSD OS, but I wont claim Linux is better. I think you mean UNIX-like, not UNIX.
>>
>>52571135
You're obviously fresh out of school, I've installed Airports for all my enterprise clients and haven't had a single complaint.

I've had several cases where I had to throw Cisco routers in the trash because the previous guys installed those and _nothing_ worked properly. With Airports I can just scale up by adding more as needed.
>>
>>52571196
Don't know, but they are cheaper then Cisco.

I always use cisco devices. First reason is that they last for ever. Hardware failures are not highly rated before 10 years.

The quality you get is where the price comes from. Security ISO and also what is attractive.
>>
>>52571215
"As a free solution to UNIX"

I never said linux was unix.
>>
File: IT Hell.jpg (275 KB, 1852x1042) Image search: [iqdb] [SauceNao] [Google]
IT Hell.jpg
275 KB, 1852x1042
>>52571125
>500 person network
>10 64 port 10/100 unmanaged switches
>10/100 uplink connecting one switch to another
>Single 10/100 to FORTIGATE router
>Bonded T1 for the entire office
>DHCP handled in Server2003

You wanna know hell, anaon? You wanna know fast and dangerous?
>>
>>52571233
Enterprise, or medium business?

School? nah mate. Been working for 7 years in networking design and implementation. I work with the architects. I will ask them what they think about apple products in networking.

I presume that I am being played since you would used UNIX and not apple for networking. Apple are not strong when it comes to server products. They are good for client shit.
>>
>>52571286
Apple uses UNIX, what school did you go to?
>>
>>52571286
Stop getting trolled anon.
>>
every user gets a terminal ran thru a pbx to a mainframe

none of this 'allow users to waste company time with facebook' stuff

remove text-based browsers #rekd
>>
>>52571179
Please elaborate. I would like to know the difference between packet scanning and packet sniffing. I would also like to know how those are possible with a standard implementation of defenses against ARP spoofing. If you are concerned with multiple workstations being on the same subnet, why do you allow your users to run arbitrary executables?
>>
>>52571210
Would you feel better if the price was $1,000/mo with $2,500 6 week offsite training?
>>
>>52571303
Modified Unix, costs more for licensing.

Different packages, different support.
I went to school which taught me what to use and how much it costs to do so.
>>
All you need is a wrt54g and a switch with atleast 197 ports. No sweat.
>>
>>52571211
You ask if your irrelevant assumption is accurate. That on its own doesn't compel me to care about your opinion.
>>
>>52571358
Packet scanning is that you aim for specific reply, arp request or something.

Packet sniffing is when you record everything sent through the switch.

Having a lot of users on one switch opens up the costs of needing a system to support these security protocols. There are different switch levels for protection.

VLANS, if managed well can be good. UAC on systems is then put into place. But even then, people try to find work a rounds.
>>
>>52571386
I will look into this.

It is hard in the networking field for these discoveries to be unearthed.
>>
>>52571389
Just buy them from your local Apple certified store and you're good to go, plug-and-play.

I think you should ask for a refund to be honest, in a real company they'd laugh you out the door if you bring up Cisco and other meme products.
>>
>>52571408
i am serious, the last half makes it seem like yes vlans are good, but the first half i dont even know. a 200 port switch is irrelevant because it could go both ways.

just answer the question, it wont work to look smart in this thread.

>>52571410
not that guy, but you have half of a point. however, no one is EVER going to try and define scanning vs sniffing, because they are both the same. don't try to say othewise, because everyone knows you are capturing everything regardless, and just filtering what is SHOWN to you.

and uac is useless unless the account is NOT a local admin
>>
>>52569533
by daisy chaining do you mean trunking?
>>
>>52571428
Yeah ok google. whatever you say.
>>
>>52571410
So to you, packet sniffing and packet scanning are security protocols? Do you know how L2 networking works? If traffic is not meant to be received by a machine, it doesn't know about it. What work arounds are there for prevent unauthorized executables?
>>
Plebs using UNIX when they mean Unix.
>>
>>52571480
No.

Daisy chaining is using a port to connect to another devices. Thus chaining.

Trunking is different. Trunking has protocol to handle and managed information sent from device to the other.
>>
>>52571550
No. The switch will contain protocols on how to handle such threats.

I am implying protocols on the switch aimed at security.

I named threats such as sniffing. These are not protocols.
>>
>>52570815
That's mostly what we do, voip installs, but when we can go into a new build out is what I really like to get into for that exact reason.
>>
>>52571551
UNIX.

I enjoy caps.
>>
>>52571597
being snarky instead of knowing UNIX and Unix are two different things.
>>
>>52570870
We don't have the luxury of having just cable pullers... Yet. The guys who are pulling the cable are the same guys designing the network and maintaining it. So for us, it's not just "pulling cables", it's everything. And if you don't take pride in your work it's not worth fucking doing it.
>>
>>52571571
You cant imply one thing but say another. What protocols are you referring to? First you say a switch it vulnerable, but then you say its not? Did you have long day at the call center?
>>
>>52571428
We use Meme Express and Meme Cloud products.
>>
>>52569151
>two floor company of 200 users
>router on stick
layer-3 switch m8
>>
>>52570892
>And if you need security, use a ASA 4.1 ISO enabled 8.714(t) device.

Buy a fortigate, it's way better than asa per doller, on every front.
>>
Department based VLANs so you can quarantine the virus riddled HR department grom everyone else
>>
>>52571808
I may have stated the wrong implication of what I said.

>I need to name protocols

Fuck off you retard. There is no joke 35 different protocols which come with particular images. I have already wasted my time, caught cancer, and now slowly dying, since someone suggested the use of apple networking products in any network environment.
>>
>>52569106
Weigh your options.

Is it all hard wired? Or is there wireless? Are there other network devices that could be separated to a vlan?

The purpose of VLAN is to reduce redundant traffic. However this can be done with out vlans if your switches can share address tables.
>>
>>52575015
I also should mention vlans are great for isolating specific departments if you are worried about security. But most of time completely unesecary.
>>
>>52571283
i cringed
>>
I'd probably have 4 64 port switches (2 for each floor, and maybe a seperate one for the offices server's), then I'd run cable's through the walls, and then have a few access ports on the ceiling connected to the jacks.
>>
>>52571161
>some dumb fuck in one departments runs the obvious ransomware attachment that turns up in his email
>every fucking device on the network is visible because "why separate things when you're just a small business and you won't notice performance difference of everything being all one big network"
Are you going to cover the ransom?

>>52571550
>Do you know how L2 networking works?
Hubs were L2 as well you know, L2 (and really L3 too) Switches are just smarter in that they store a table of MAC addresses to ports so they can forward the packet to the correct port instead of broadcasting it.
However, there are some possibilities for ARP poisoning to cause packets destined for another client to come to you, possibly even for them to come to you both.
>>
>>52575308
Agreed.

There are some ARP spoofing prevention capabilities on Ciscos (DAI) and Junipers which can help with that, but obviously you shouldn't fully rely on them.

Flat networks are just awful from a security perspective. Aside from ransomware, there's the "I popped a Sales computer and now I can reach every desktop and server in the company" issue.
>>
>>52570835
that's like ten switches per person
>>
>>52569604
>100gb multimode fiber

Are you insane..?
>>
>>52576520
Granted most people don't want to spring for the 100GB fiber trunk. A few of our clients have multiple spaced out buildings of 100+ users that are connected with 100GB fiber. I thought it was multimode fiber connecting these building, but it might be single mode. I know we have a bunch of these floating around the boss's office.

http://www.ebay.com/itm/like/291602608907?ul_noapp=true&chn=ps&lpid=82
>>
>>52569604
I came
>>
>>52569683

This. You want good or you want cheap. Don't dare try to mix the two.
>>
>>52571428

>Cisco and other meme products

>Applel shills being this deluded
>Applel not literally the memeist of all
>>
>>52577939
>Cisco
>Meme
>Hold's up the entire internet

You only dislike Cisco because it corporate.
>>
>>52577992

My whole network (at the biggest pharmaceutical company in the world) is all Cisco. I was quoting the earlier guy.
>>
File: 1416023855361.jpg (60 KB, 685x307) Image search: [iqdb] [SauceNao] [Google]
1416023855361.jpg
60 KB, 685x307
>>52575139
>Hubs is l2
Bwhaha, and switches swtich packets right?
>>
>>52576138
apex kek
Thread replies: 104
Thread images: 5
Thread DB ID: 475230



[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vip /vp / vr / w / wg / wsg / wsr / x / y] [Search | Home]

[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vip /vp / vr / w / wg / wsg / wsr / x / y] [Search | Home]

All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the shown content originated from that site. This means that 4Archive shows their content, archived. If you need information for a Poster - contact them.
If a post contains personal/copyrighted/illegal content, then use the post's [Report] link! If a post is not removed within 24h contact me at [email protected] with the post's information.