Ideas for Future Network

Possibilities for future Network upgrades.

General

• What can be connected by cable, is connected by cable
  • increased bandwith and stability for all (less utilization of wifi, better transfer medium)
  • increased security (less attack surface over air)
  • enables wake on lan (WOL)
  • would need new cabling, new switches and space
  • would need investment (although this could be done quite reasonably)
• Network segmentation / VLANs / Subnets
  • increased security (subnets are isolated from eachother, e.g. clients only have access to what they must)
  • increased stability (e.g. excessive broadcasts will be limited to their own subnets)
  • would need VLAN (802.1q) able switches and router
  • would ideally include router/gateway with firewall (to control traffic between vlans/subnets and internet bound traffic >> access control)
  • would need investment (various price classes...)

• Monitoring
  • increased security (depends how it's done / software)
  • increased visibility (depends how it's done / software)
  • visibility on issues (e.g. get HW data over SNMP)
  • notifications on issues (if setup)
  • e.g. Zabbix/Prometheus (hardware monitoring)
• Dedicated Access Points (APs)
  • cover larger area with better quality (e.g. one per floor)
  • support roaming between APs, (802.11k/v/r) (same SSIDs for 2.4 and 5GHz channels and AP's)
  • support unlimited amount of SSIDs (would not recommend more than 4)
  • support WPA2/3 Enterprise (e.g. user/password per user, RADIUS required)
  • would need APs and new cabling (please don't use wireless meshing stuff unless cabling really is not feasible!)
  • ideally switch supports PoE so no injector is needed (802.3at or higher)
  • e.g Ubiquiti Unifi (get second hand / discounted APs, controller is free for download)
• PiHole
  • internal DNS
  • Adfiltering