1

Dear SpiceHeads,

Our company is setting up new office in another location (different country). I’ve been given the responsibility to set up the IT infrastructure there. I would like to get your views on how to go about it.

I’ve already gotten the lease line of 4 Mbps / 4 Mbps in place.

I’m planning to have gateway level security device like Cyberoam UTM appliance. The LAN cabling is done with CAT6. 15 KVA UPS (Brand-APC) is also installed.

What are the next things to do please?

Since this is the first time I’m building the new site, kindly share your ideas on how to deploy rock-solid IT infrastructure.

Thanks.

Vipul

6 Spice ups
2

Before doing anything, start designing and drawing how your new network topology will look like.

After you have it done you can start implementing the below in a way that reflects the needs of your business.

1- get a server cabinet (size depends on how much equipment will be installed)

2- install Air control Unit

3- Cyberoam is good choice as a front-end firewall however you can get a Cisco router with sec/k9 as an alternative.

4- make the cabling, patch all cables to the patch panels, install cable management along with your patch panels for a better sexy look.

5- pick up a set of gigabit switches that fits your needs (managed ones are highly recommended for advanced configurations)

6- you can always share your new infrastructure topology so we can give our comments to get the ideal one.

4 Spice ups
3

one thing to consider is wireless access points, you want them to be able to pass the info through each device as your users walk around the office with their laptops. You don’t want them having to drop from one wireless router and pick up a new session on the next wireless router.

Also plan to hard wire each desk with at least 2 network drops. One for the phone and one for the pc. if you plan the office then know where people are going to sit and give those with extra needs such as IT more ports. When I last set out an office I gave each bank of 4 desks 10 network ports so I always had at least 2 spare per bank. When it came to the IT area I wired 4 ports per desk.

3 Spice ups
4

consider physical security of server room/rack

consider redundancy for your leased line

server room temp and humidity monitoring

ILO or equivalent for your servers

2 Spice ups
5

rock solid = redundancy for all services IMO, so map out your needs and work out a strategy to cope with each service going down

Communicate the deadlines and responsibilities to stakeholders

1 Spice up
6

Thanks Nazih.
I’m going to use 192.168.x.x Class C network.
Would like to establish tunnel between head office and this new office on Cyberoam.

How do I plan my ActiveDirectory?
I have ComapnyA.com domain name at Head Office.
What if company decides to use different domain name at this new location? need it to be subdomain of CompanyA.com domain?

7

How many users are you planning on having and what are growth plans?

To be honest i don’t know much about Cyberoam but some of my clients have found the Sophos UTM and Red boxes to be a great help for managing their external sites.

@Sophos

8

YOU CAN EITHER CREATE THE SAME DOMAIN AND SET IT UP AS A CHILD DOMAIN OR CREATE A DIFFERENT FOREST AND ESTABLISH A TRUST BETWEEN THEM.

9

Very important. No use having your state-of-the-art server setup go down for such a simple thing as an AC timer set by mistake or a bathroom flood. You may even be able to get an AC unit with SNMP so you can monitor it with your Monitoring software (Suggest Nagios or Opsview).

I think a good place to start is to look at the infrastructure in your current location. Make a note of it’s strengths and weaknesses. If you had it to do over, what would you definitely change? What would you leave alone? You can also look at what would be a good place to introduce something new (Nothing too ambitious though)

2 Spice ups
10

Chris, we too are planning to setup a new location and are considering IP phones. I know it would be cheaper to run one point and let the phone split the connection as most of them can. Can you see any down side to this. I’m just considering that after you’ve spent thousands on high end managed switches you connect your computer through a phone.

11

Lights out options - if you are not there to press a button - what do you do?

Managed PDU’s

1 Spice up
12

Hi, Vipul P.

You can consider a Firewall with High Availability, to back up your UTM or VPN appliance. It is also good to consider future plans on how your company will do/do business, like IP Phones or other collaborations solutions for your employees.

For a solid network infrastructure, you can look at Cisco 300 or 500 (stackable) for a reliable SMB switch (web based) that does Layer 3 and PoE support for your access or core layer switch. The Cisco Catalyst 2960-X (new) or the Cisco 3750-X / 3560-X provides more features and more management options, in case you are looking at a higher end model (IOS Based).

Feel free to send me a message for additional inquiries or concerns. Hope to hear from you and I hope this helps!

1 Spice up
13

Don’t forget to implement environment monitoring to keep an eye on critical infrastructure for climate and power related threats! Few hundred dollars for an environment monitor that checks for high temps, humidity, power failure, water leaks, smoke, door position etc., can pay for itself many times when you get that first alert. Here’s an older Spiceworks post where some customers share their stories: http://community.spiceworks.com/topic/188677-itwatchdogs-is-giving-away-a-watchdog-100

1 Spice up