IT/Experimental/Network
< IT | Experimental
The Maybe Later Network
Possibilities for future Network upgrades.
General
- What can be connected by cable, is connected by cable
- increased bandwith and stability for all (less utilization of wifi, better transfer medium)
- increased security (less attack surface over air)
- enables wake on lan (WOL)
- would need new cabling, new switches and space
- would need investment (although this could be done quite reasonably)
- Network segmentation / VLANs / Subnets
- increased security (subnets are isolated from eachother, e.g. clients only have access to what they must)
- increased stability (e.g. excessive broadcasts will be limited to their own subnets)
- would need VLAN (802.1q) able switches and router
- would ideally include router/gateway with firewall (to control traffic between vlans/subnets and internet bound traffic >> access control)
- would need investment (various price classes...)
- Monitoring
- increased security (depends how it's done / software)
- increased visibility (depends how it's done / software)
- visibility on issues (e.g. get HW data over SNMP)
- notifications on issues (if setup)
- e.g. Zabbix/Prometheus (hardware monitoring), Wazuh (security monitoring)
- would need at least some processing power and maybe a little overkill, especially Wazuh :)
- Dedicated Access Points (APs)
- cover larger area with better quality (e.g. one per floor)
- support roaming between APs, (802.1k/v/r) (same SSIDs for 2.4 and 5GHz channels and AP's)
- support unlimited amount of SSIDs (would not recommend more than 4)
- support WPA2/3 Enterprise (e.g. user/password per user, RADIUS required)
- would need APs and new cabling (please don't use wireless meshing stuff unless cabling really is not feasible!)
- ideally switch supports PoE so no injector is needed (802.3at or higher)
- e.g Ubiquiti Unifi (get second hand / discounted APs, controller is free for download)