Designing a Corporate Network with Sizing

Basic schema of systems task, gathering fundamental requirements and proceeding with physical and logical design

Designing a LAN (Local Area Network) requires a structured approach: first, gather fundamental requirements (data) and then proceed with physical and logical design.

Here is a step-by-step guide on necessary data and design phases.

1. What data is needed to start? (Requirement Gathering)

Before drawing the network or purchasing hardware, you must gather this crucial information:

Logistical and Environmental Data

Load and Scalability Data

Traffic and Performance Data

2. How to design the LAN (The Phases)

Once the data is obtained, the design is divided into three macro-phases following the standard hierarchical model.

Phase A: Physical Design (Hardware and Cabling)

  1. Choose the cabling: For horizontal runs (from wall outlets to the rack), use Cat 6 or Cat 6A cables (up to 10 Gbps). For vertical connections (between different floors), it is preferable to use fiber optic cables.
  2. Positioning of Switches: Access switches connect final devices. They must support PoE (Power over Ethernet) if you need to power IP cameras or VoIP phones directly from the network cable.
  3. Wi-Fi planning (Site Survey): Position Access Points (AP) to uniformly cover the area, avoiding interference. For corporate environments, use a Wi-Fi Controller (physical or cloud-based) to manage seamless roaming of users from one AP to another.

Phase B: Logical Design (Software and Security)

  1. Segmentation with VLANs (Virtual LAN): Do not put all devices in the same network. Divide traffic for security and performance:
  1. IP Addressing Plan: Use private subnets (e.g., class 192.168.X.X or 10.X.X.X). Configure a DHCP server for automatic IP assignment to client devices and set static IPs only for servers, printers, and switches.
  2. Security (Firewall and Router): Configure a Firewall to protect the network perimeter from external attacks and to manage VPNs if employees need to work from home.

Phase C: Service Continuity (Redundancy)

Summary Table of Key Components

Component - Main Role - What to verify during the project phase

Router / Firewall: Manages traffic to the internet and security: Verify throughput performance with the firewall active

Switch Core: The "heart" of the network, connects various sectors: High speed (backplane) and reliability

Switch Access: Connects PCs and final devices: Number of ports and presence of PoE/PoE+

Access Point: Provides wireless connectivity: Wi-Fi standard (Wi-Fi 6 or 6E) and user density

Cabling: The physical infrastructure: Certification of cables (Cat 6/6A) after installation

Are you designing this network for a small reality (an office with few PCs) or for a more complex structure spread over multiple floors?



How to perform segmentation in the system task:

Segmentation through VLAN (Virtual LAN) consists of dividing a single physical infrastructure into separate virtual networks for better management, security, and performance.