IT/Experimental/Network: Difference between revisions
< IT | Experimental
Access restrictions were established for this page. If you see this message, you have no access to this page.
(added my ideas) |
mNo edit summary |
||
| (4 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
= | = Ideas for Future Network = | ||
Possibilities for future Network upgrades. | Possibilities for future Network upgrades. | ||
| Line 22: | Line 22: | ||
** visibility on issues (e.g. get HW data over SNMP) | ** visibility on issues (e.g. get HW data over SNMP) | ||
** notifications on issues (if setup) | ** notifications on issues (if setup) | ||
** e.g. Zabbix/Prometheus (hardware monitoring) | ** e.g. Zabbix/Prometheus (hardware monitoring) | ||
* Dedicated Access Points (APs) | * Dedicated Access Points (APs) | ||
** cover larger area (e.g. one per floor) | ** cover larger area with better quality (e.g. one per floor) | ||
** support roaming between APs (same SSIDs for 2.4 and 5GHz | ** support roaming between APs, (802.11k/v/r) (same SSIDs for 2.4 and 5GHz channels and AP's) | ||
** would need APs and new cabling (please don't use wireless meshing unless cabling is not feasible!) | ** support unlimited amount of SSIDs (would not recommend more than 4) | ||
**support WPA2/3 Enterprise (e.g. user/password per user, RADIUS required) | |||
** would need APs and new cabling (please don't use wireless meshing stuff unless cabling really is not feasible!) | |||
** ideally switch supports PoE so no injector is needed (802.3at or higher) | |||
** e.g Ubiquiti Unifi (get second hand / discounted APs, controller is free for download) | ** e.g Ubiquiti Unifi (get second hand / discounted APs, controller is free for download) | ||
* PiHole | |||
** internal DNS | |||
** Adfiltering | |||
Latest revision as of 21:57, 15 May 2024
Ideas for Future Network
Possibilities for future Network upgrades.
General
- What can be connected by cable, is connected by cable
- increased bandwith and stability for all (less utilization of wifi, better transfer medium)
- increased security (less attack surface over air)
- enables wake on lan (WOL)
- would need new cabling, new switches and space
- would need investment (although this could be done quite reasonably)
- Network segmentation / VLANs / Subnets
- increased security (subnets are isolated from eachother, e.g. clients only have access to what they must)
- increased stability (e.g. excessive broadcasts will be limited to their own subnets)
- would need VLAN (802.1q) able switches and router
- would ideally include router/gateway with firewall (to control traffic between vlans/subnets and internet bound traffic >> access control)
- would need investment (various price classes...)
- Monitoring
- increased security (depends how it's done / software)
- increased visibility (depends how it's done / software)
- visibility on issues (e.g. get HW data over SNMP)
- notifications on issues (if setup)
- e.g. Zabbix/Prometheus (hardware monitoring)
- Dedicated Access Points (APs)
- cover larger area with better quality (e.g. one per floor)
- support roaming between APs, (802.11k/v/r) (same SSIDs for 2.4 and 5GHz channels and AP's)
- support unlimited amount of SSIDs (would not recommend more than 4)
- support WPA2/3 Enterprise (e.g. user/password per user, RADIUS required)
- would need APs and new cabling (please don't use wireless meshing stuff unless cabling really is not feasible!)
- ideally switch supports PoE so no injector is needed (802.3at or higher)
- e.g Ubiquiti Unifi (get second hand / discounted APs, controller is free for download)
- PiHole
- internal DNS
- Adfiltering