
Suggestions needed for LAN hardware and design

rameeti00
Level 1

I need suggestions.

I have 80 users that need to be compartmentalized into about 50 groups. Each group may have from 1 to 5 users within it. Each group needs security from the others. I desire compartmentalization so that each group's traffic and poor computer management (lack of anti-virus protection) might have minimal impact on other users.

Thus far, everyone has been on a single T1 line with all users being plugged into a bank of 4 non managed switches. All IPs have been offered via one DHCP server with everyone in a single net. Some of these groups are in need of using public IPs, either through mapped public to private IPs, or perhaps direct connections to the router with no private IP usage.

I am thinking that I have 2 basic options. Perhaps they should be used together.

One method would be to sub net each group so that they are unto themselves for traffic and greater security with minimal collision domains.

Another thought is VLANs that compartmentalize these groups.

The groups will have a continual need for restructuring on an ongoing basis. (i.e. User 1, 2 & 3 might be in group 1 today with User 4 & 5 being in group 2 today while next month, Users 1 & 2 might be in group 1 with Users 3 & 4 being in Group 2, and User 5 being in their own group.)

The question is: Wouldn't the first option of 50 different sub nets require 50 different routers? If so, then this is probably not reasonable.

Do I go with managed switches and VLANs?

Do I go with 1 large net and not subnet it?

Do I go with both managed switches, VLANs and subnets?

What router/switches should I be considering?

(An explanation of how this situation is real is thus:

A floor of 80 offices exists in an Executive Suite situation. Internet access is provided by my company. Clients may lease one office or multiple offices. We have no control over their equipment. They deserve protection from snooping of other clients (thus the need for VLANs). By using managed switches, I am hoping to be able to track bandwidth usage within each VLAN on a monthly basis to charge back for internet usage and observe bandwidth abuse of individual clients.)

1 Reply

m-lehmann
Level 1

That is definitely a real-world scenario that happens frequently. The solution would be to get a Catalyst 3550 series switch with the multilayer software image. You would need EMI (Enhanced Multilayer Image) and not SMI. This will let you route between VLANs without the need for 80 routers. You could purchase two Catalyst 3550s with 48 ports. One switch would need the EMI and one would be fine with the SMI. They would need to be uplinked via GBICs. If they are in close proximity, copper GBICs would be fine; otherwise you would need fiber GBICs.
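
A sketch of the design discussed in this thread, added here as an example and not code from either poster: it gives each tenant group its own VLAN and /29, renders IOS-style configuration for a layer 3 switch, and lists which ports change VLAN when the groups are restructured. The 10.50.0.0/16 range, the VLAN numbering, the FastEthernet0/N port names and the TENANT-ISOLATE ACL (routed VLANs can reach each other unless filtered) are assumptions.

```python
import ipaddress

# Assumptions, not from the thread: addressing, VLAN numbering, ACL name, port naming.
SUPERNET = ipaddress.ip_network("10.50.0.0/16")
VLAN_BASE = 100
ACL_NAME = "TENANT-ISOLATE"

def build_plan(tenant_ports):
    """Tenant N (1-based) gets VLAN 100+N and the Nth /29: gateway plus up to 5 hosts."""
    plan, owner = {}, {}
    for tenant, ports in tenant_ports.items():
        if not 1 <= len(ports) <= 5:
            raise ValueError(f"tenant {tenant}: need 1 to 5 ports")
        for port in ports:
            if port in owner:  # a port can sit in only one tenant VLAN
                raise ValueError(f"port {port}: tenants {owner[port]} and {tenant}")
            owner[port] = tenant
        base = int(SUPERNET.network_address) + 8 * (tenant - 1)
        net = ipaddress.ip_network((base, 29))
        plan[tenant] = {"vlan": VLAN_BASE + tenant, "net": net,
                        "gateway": net.network_address + 1, "ports": sorted(ports)}
    return plan

def render(plan):
    """IOS-style lines: a shared inbound ACL that drops tenant-to-tenant traffic,
    then the VLAN, routed interface and access ports of each tenant."""
    lines = ["ip routing", f"ip access-list extended {ACL_NAME}",
             f" deny ip any {SUPERNET.network_address} {SUPERNET.hostmask}",
             " permit ip any any"]
    for tenant, t in sorted(plan.items()):
        lines += [f"vlan {t['vlan']}", f" name TENANT-{tenant}",
                  f"interface Vlan{t['vlan']}",
                  f" ip address {t['gateway']} {t['net'].netmask}",
                  f" ip access-group {ACL_NAME} in"]
        for port in t["ports"]:
            lines += [f"interface FastEthernet0/{port}", " switchport mode access",
                      f" switchport access vlan {t['vlan']}"]
    return lines

def moves(old_plan, new_plan):
    """Ports whose VLAN changes between two plans: (port, old_vlan, new_vlan)."""
    vlans = lambda plan: {p: t["vlan"] for t in plan.values() for p in t["ports"]}
    before, after = vlans(old_plan), vlans(new_plan)
    return [(p, before.get(p), v) for p, v in sorted(after.items()) if before.get(p) != v]

# Constructed sample: the regrouping scenario from the question (users as port numbers).
THIS_MONTH = {1: [1, 2, 3], 2: [4, 5]}
NEXT_MONTH = {1: [1, 2], 2: [3, 4], 3: [5]}

if __name__ == "__main__":
    print("\n".join(render(build_plan(NEXT_MONTH))))
    print(moves(build_plan(THIS_MONTH), build_plan(NEXT_MONTH)))
```

Because tenant numbers map to fixed VLANs and subnets, a monthly regrouping only touches the `switchport access vlan` line of the ports that `moves` reports.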