Networking: LAN, WAN, WLAN & Remote Access
Company networks can range from simple to extremely complex, depending on requirements. The considerations seem to be endless: What speed should the network be? What kind of cabling do I need to run? Do we need to separate the network into logical sections?
How do we secure the physical network? Do we need Wireless networks? If so, how do we plan our access points? What about the WAN - do we use a provider? Should we use VPN connections for the WAN?
How do we secure those connections? How does VOIP fit into my plan? What about remote access? Mobile computing?
Networks tend to gain complexity as they grow, & careful planning is critical. It's important to identify your core requirements before you start, but also to be able to plan for growth.
Careful documentation is also important to ensure that it's possible to expand your network in the future & to simplify network troubleshooting.
Mistakes on the network will impact the performance of (almost) everything.
Cabling (or not)
The first decision is whether or not to run cables, & if so, what kind?
The general consensus amongst the security gurus is that a wired network in your offices is the best way to go - except... a wireless network is usually
secured, whereas network-level security is often ignored on wired networks. Admittedly, there are more opportunities to breach a wireless
network's security, but this is no excuse to ignore security on your wired network.
The decision on cabling is not too difficult, fortunately. Networks should be at least Gigabit capable, as 100Mb/s networks are slowly becoming end
of life. This does not imply even slightly that they are of no use, but as network applications become more prevalent & feature rich, Gb networks
will soon become necessary. The implication of this is that you will need to go to Category 5E (Enhanced) or Category 6 cabling. There is
also the option of Category 6a, but at this time the standards for Cat. 6a are not yet finalized. Cat. 6a is the standard to support the fledgling 10Gb copper networks.
Switching & Routing
There are few decisions to be made here prior to design time. There are, however, a few decisions that will save you headaches later. A prime example
is Auto Negotiation on the switch. This is the ability for the client to "handshake" with the switch & determine the best speed & duplex that can be used.
While this may at first appear to be ideal, in practice we find it to be quite problematic on 100Mb networks. The problem seems to be around switches & network adapters
that have not completely implemented the RFC & the handshake fails to correctly determine speeds. Gb networks tend to be less of an issue as they use more twisted
pairs within the cable & so determining the speed is considerably easier. Ideally the switches & devices should be hard set to a specific speed/duplex, but this can be problematic
for mobile users.
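A check for the symptom described above, written as an added example (not part of the original page): a port that negotiates against a hard-set peer typically falls back to half duplex, so the script flags half-duplex links, hard-set ports, and links running below what the adapter supports. It assumes the output layout of Linux `ethtool <iface>`; the sample text and the function names `parse` and `audit` are constructed for illustration.

```python
import re
# Constructed sample in the layout printed by Linux `ethtool <iface>`.
SAMPLE = """\
Settings for eth0:
    Supported link modes:   100baseT/Half 100baseT/Full
                            1000baseT/Full
    Speed: 100Mb/s
    Duplex: Half
    Auto-negotiation: on
Settings for eth1:
    Supported link modes:   100baseT/Full 1000baseT/Full
    Speed: 1000Mb/s
    Duplex: Full
    Auto-negotiation: on
Settings for eth2:
    Supported link modes:   10baseT/Full 100baseT/Full
    Speed: 100Mb/s
    Duplex: Full
    Auto-negotiation: off
"""

def parse(text):  # ethtool output -> {interface: {field: value}}
    ifaces, cur, key = {}, None, None
    for line in text.splitlines():
        head = re.match(r"Settings for (\S+):", line)
        if head:
            cur, key = ifaces.setdefault(head.group(1), {}), None
        elif cur is not None and ":" in line:
            key, val = (s.strip() for s in line.split(":", 1))
            cur[key] = val
        elif cur is not None and key:
            cur[key] += " " + line.strip()  # wrapped list of link modes
    return ifaces

def audit(text):  # -> {interface: [finding, ...]}; empty list means clean
    report = {}
    for name, f in parse(text).items():
        speed = re.match(r"(\d+)Mb/s", f.get("Speed", ""))
        if not speed:
            continue  # link down or speed unknown, nothing to compare
        modes = re.findall(r"(\d+)base", f.get("Supported link modes", ""))
        notes = report[name] = []
        if f.get("Auto-negotiation") == "on" and f.get("Duplex") == "Half":
            notes.append("half-duplex-after-autoneg")  # peer may be hard-set
        if f.get("Auto-negotiation") == "off":
            notes.append("hard-set")  # switch port must be set identically
        if modes and int(speed.group(1)) < max(map(int, modes)):
            notes.append("below-capability")
    return report
```

Feeding it the captured `ethtool` output of each host gives a list of ports to compare against the switch-side configuration.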
One decision that should be made fairly early is whether to use Power over Ethernet (PoE) switches. These switches can power the devices attached (like VOIP phones),
avoiding the necessity of power adapters on the device. It is possible to retro-fit power injectors, but this naturally consumes more space in your switching
Finally, smaller networks face a decision on whether to use unmanaged layer 2 switches or the more expensive managed layer 3 switches. The layer 3 switches allow for considerably
more flexibility in the future & simplify the implementation of network security. They should be used where possible unless severe budget constraints prohibit their use.
Wireless LAN (WLAN)
Wireless. The wave of the future. Or is it?
Wireless LANs are nothing if not convenient. Experience is slowly telling us, however, that they are rather convenient for hackers too! If you plan to go down the
wireless route, and many do, you should expect to increase your spending on securing your network. This should be given thought at the planning stage. Should your WLAN
be in a DMZ (behind a firewall) allowing only limited access to the network - and thus limiting the potential damage a hacker can cause? Will this restrict the mobile users
too severely? It's also possible in a well-designed network to allow full network access only to authenticated machines,
while still offering limited access (for example Internet access) to non-authenticated machines.
There are analysts currently saying that wireless networks are slowly becoming a thing of the past. Why? The argument goes that WLANs are simply not keeping up with
the bandwidth requirements of the modern feature rich applications. As multimedia becomes more prevalent in our computing environments, bandwidth requirements go up dramatically.
Wired networks are about to go into the 10Gb arena - potentially meaning our workstations do not necessarily need hard drives even for the operating system. At those speeds we can boot directly
from the LAN. If this becomes the norm, wireless networks are several generations from providing sufficient bandwidth.
The considerations/decisions that need to be made around WLANs are numerous & unless you have the backing of a good IT department, I would suggest that you engage a professional to guide
you through these dangerous waters. Please contact me if you would like to discuss this further.
Wide area network (WAN)
The performance of your WAN will have a large impact on your infrastructure - whether it is centralized or distributed. Many things will impact your WAN performance, & if your company
is distributed around the country - or even the globe - your WAN requires special attention.
Specialists can estimate your WAN bandwidth & latency requirements with reasonable accuracy & make recommendations on the WAN specifications. If your WAN is critical to your business,
engaging a specialist to do this is highly recommended.
Unfortunately, designing a WAN is almost more of an art than a science. Decisions must be made around Quality of Service (QoS), which can give priority to real-time data (voice, for example);
whether WAN accelerators offer the best ROI or whether buying more bandwidth is best; and whether using VPN tunnels over the Internet is sufficient (although this is probably more of a business decision).
The permissible level of WAN downtime is also a factor. What is the most cost-effective way of providing link redundancy? What WAN speed can you afford to be reduced to in the case of
an outage on your primary link? Could your WAN be designed in such a way as to allow the packets to be re-routed through an alternate route in the case of an outage? The list goes on.
Again, unless you have complete confidence in this area, you should retain the services of a specialist. Please contact me for more details.
Remote access can take different forms depending on your requirements.
If you merely require email & calendar access, this can be provided over the Internet using the HTTPS protocol. Exchange Outlook Web Access, RPC over HTTPS, or ActiveSync on mobile devices
are good options. If your requirements are considerably more diverse and security is not paramount, VPN could be a good solution (albeit still behind a firewall!). If
you need complete network access in the most secure form possible, a Citrix type system of terminal services is probably the answer.
Cost and complexity vary considerably depending on your requirements, but it certainly is possible to provide secure and reliable remote access. I was working for a major US
bank during 9/11 & their trading activities immediately subsequent to the disaster were run over remote access from hotel rooms with high-speed Internet access.
Ideally you should carefully consider your requirements. Then contact me to get an idea of implementation costs so that you can
make a good cost-benefit analysis.