IT/Experimental/Network: Difference between revisions
(added my ideas) |
No edit summary |
||
Line 22: | Line 22: | ||
** visibility on issues (e.g. get HW data over SNMP) | ** visibility on issues (e.g. get HW data over SNMP) | ||
** notifications on issues (if setup) | ** notifications on issues (if setup) | ||
** e.g. Zabbix/Prometheus (hardware monitoring), Wazuh (security | ** e.g. Zabbix/Prometheus (hardware monitoring), Wazuh (security monitoring) | ||
** would need at least some processing power | ** would need at least some processing power and maybe a little overkill, especially Wazuh :) | ||
* Dedicated Access Points (APs) | * Dedicated Access Points (APs) | ||
** cover larger area (e.g. one per floor) | ** cover larger area with better quality (e.g. one per floor) | ||
** support roaming between APs (same SSIDs for 2.4 and 5GHz | ** support roaming between APs, (802.1k/v/r) (same SSIDs for 2.4 and 5GHz channels and AP's) | ||
** would need APs and new cabling (please don't use wireless meshing unless cabling is not feasible!) | ** would need APs and new cabling (please don't use wireless meshing unless cabling is not feasible!) | ||
** ideally switch supports PoE so no injector is needed (802.3at or higher) | |||
** e.g Ubiquiti Unifi (get second hand / discounted APs, controller is free for download) | ** e.g Ubiquiti Unifi (get second hand / discounted APs, controller is free for download) |
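Review bot: on the changed roaming line, "(802.1k/v/r)" should read 802.11k/v/r, since the roaming amendments are 802.11k, 802.11v and 802.11r. The same line also picks up a stray comma before the parenthesis and "AP's" where the plural "APs" is meant. On the new PoE line it would help to say that the 802.3at figure should be checked against the power draw of the chosen AP model.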
Revision as of 00:24, 3 May 2024
The Maybe Later Network
Possibilities for future Network upgrades.
General
- What can be connected by cable, is connected by cable
  - increased bandwidth and stability for all (less utilization of Wi-Fi, better transfer medium)
  - increased security (less attack surface over air)
  - enables Wake-on-LAN (WOL)
  - would need new cabling, new switches and space
  - would need investment (although this could be done quite reasonably)
- Network segmentation / VLANs / Subnets
  - increased security (subnets are isolated from each other, e.g. clients only have access to what they must)
  - increased stability (e.g. excessive broadcasts will be limited to their own subnets)
  - would need VLAN-capable (802.1Q) switches and router
  - would ideally include router/gateway with firewall (to control traffic between VLANs/subnets and internet-bound traffic >> access control)
  - would need investment (various price classes...)
- Monitoring
  - increased security (depends on how it's done / software)
  - increased visibility (depends on how it's done / software)
  - visibility on issues (e.g. get HW data over SNMP)
  - notifications on issues (if set up)
  - e.g. Zabbix/Prometheus (hardware monitoring), Wazuh (security monitoring)
  - would need at least some processing power and maybe a little overkill, especially Wazuh :)
- Dedicated Access Points (APs)
  - cover larger area with better quality (e.g. one per floor)
  - support roaming between APs (802.11k/v/r; same SSIDs for 2.4 and 5 GHz channels and APs)
  - would need APs and new cabling (please don't use wireless meshing unless cabling is not feasible!)
  - ideally switch supports PoE so no injector is needed (802.3at or higher)
  - e.g. Ubiquiti UniFi (get second hand / discounted APs, controller is free for download)
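
One way to sanity-check a planned segmentation before buying hardware, as an added example that is not part of the original page: a default-deny model of the gateway firewall between VLANs, checked against the flows that should and should not work. Segment names, subnets and allowed services are constructed assumptions.

```python
import ipaddress

# Constructed segments; names and subnets are assumptions, not from the page.
SEGMENTS = {
    "clients": ipaddress.ip_network("10.0.10.0/24"),
    "servers": ipaddress.ip_network("10.0.20.0/24"),
    "mgmt": ipaddress.ip_network("10.0.99.0/24"),
}

# Gateway allow-list: (source segment, destination segment, protocol, dst port).
# Anything routed between segments that is not listed here is dropped.
ALLOW = {
    ("clients", "internet", "tcp", 443),
    ("clients", "servers", "tcp", 445),
    ("mgmt", "servers", "tcp", 22),
    ("mgmt", "servers", "udp", 161),  # SNMP polling from the monitoring host
}

def segment_of(addr):
    """Map an IP address to its segment; anything outside the LAN is 'internet'."""
    ip = ipaddress.ip_address(addr)
    for name, net in SEGMENTS.items():
        if ip in net:
            return name
    return "internet"

def is_allowed(src, dst, proto, port):
    """Decide a new flow the way a default-deny forwarding policy would."""
    s, d = segment_of(src), segment_of(dst)
    if s == d and s in SEGMENTS:
        return True  # same subnet is switched and never reaches the gateway
    return (s, d, proto, port) in ALLOW

def audit(flows):
    """Return the flows whose decision differs from the intended result."""
    return [f for f in flows if is_allowed(*f[:4]) != f[4]]

# Constructed flows: (src, dst, proto, port, intended result)
FLOWS = [
    ("10.0.10.15", "203.0.113.10", "tcp", 443, True),   # client browsing
    ("10.0.10.15", "10.0.20.5", "tcp", 445, True),      # client to file share
    ("10.0.10.15", "10.0.99.2", "tcp", 22, False),      # client must not reach mgmt
    ("10.0.99.2", "10.0.20.5", "udp", 161, True),       # monitoring polls server
    ("203.0.113.10", "10.0.20.5", "tcp", 22, False),    # no inbound from internet
    ("10.0.10.15", "10.0.10.16", "tcp", 445, True),     # intra-VLAN, not filtered
]

if __name__ == "__main__":
    print("mismatches:", audit(FLOWS))
```

The last flow shows the limit of this design: hosts inside one VLAN still reach each other freely, so isolation only applies at subnet boundaries.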