Need help designing a wireless office network and storage server

[rayschrantz]

Hey guys, I'm an intern at a small engineering firm who's server and network are completely outdated and failing. The hardware and software probably hasn't been updated in nearly a decade, so the new upgrades need to be relatively recent but not too new. The firm is moving to a new building and is trying upgrade it's server capabilities. Recently the entire server and internet began failing when someone tried to connect a coworker to the server. The wifi has been down for an entire week and we have no idea how to fix it because the hardware is so old.

 

What I need from you guys is your help designing a cheap network and storage server that has:

 

1. fast wifi

2. quickly accessible storage from multiple computers

3. the ability to connect devices to the storage server and network through wifi and Ethernet

4. the ability to connect numerous devices to fast and reliable internet

 

These are all of the main things I can think of off the top of my head. My boss isn't exactly open to the latest and greatest hardware and software, as we use windows 7 and earlier. He also doesn't want to spend too much, so keep the price as low as possible. I believe that he just bought a NETGEAR 16 Port Gigabit Business-Class Desktop Switch to increase performance in some way, but I don't know how he knew to buy it since he has very little knowledge of server and networking. I'm no better, but I've been learning from Linus's server and networking videos on Techquickie, LinusTechTips, and NCIXTechTips. Treat me as if I know nothing about any of this and be extremely detailed in what does what and why. Please suggest hardware, software, and optimal configurations for the lowest possible cost.

 

Thanks for any help you guys can give.

[Master Disaster]

Honestly, don't even begin to plan for a WiFi storage server, especially when its in an office with multiple users. That's just plain silly. One of the most important lessons to remember is your network is only as strong as its weakest point, and WiFi is by far the weakest point. If your WiFi goes down for any reason it takes your entire network down with it meaning no one can do anything until the WiFi is back up.

 

Start planning a wired infrastructure to a managed switch in the office and give everyone, at least a fighting chance of getting a decent transfer speed and decent stability when using the server.

 

Its really hard to help you plan out a network without knowing some specifics like floor plan, how many users, how often, how much data, storage only or network streaming etc etc.

[Mattch23]

Basically exactly what Master says with a few extra things:

 

Wireless should never be the core of the network, all your desktops etc should have wired connections, you don't really have any excuse considering its a new office with nothing in it so you can plan properly.

 

Wireless can be used for mobile devices i.e. employee laptops or anything such as that, however, as Master stated, you should have a fallback incase the wireless goes down (Wired desktops).

Secondly, Wifi is a massive security hole, if the rest of the network is not managed properly.

 

Also, if you get new servers (which it sounds like) don't skimp out and get crap off ebay, get something with a warranty as within a business environment it'll save your ass many times. Make sure they're also hooked up to decent UPS units incase of power outages.

 

Another thing to consider is your legislation, depending on where you are, things such as Data handling / protection etc vary quite wildly.

 

 

"He also doesn't want to spend too much, so keep the price as low as possible"

 

This will come back to bite him in the ass if he does go cheap, his storage server off ebay dies taking everything with it with likely no backups.

[rayschrantz]

I never said that the server would only use wifi. I said that it needed to be able to be accessed via wifi AND Ethernet, so the server will mainly be run through Ethernet, but it also needs to be able to be accessed through wifi. We have 3-5 hard wired desktops and 1-3 laptops, and with the new office, we'll be getting 5 more windows tablets that need to access data from anywhere in the office without an Ethernet cable. Also, my firm is a machine shop, so there isn't a good place for desktops at the machines, that's why we're getting the tablets. The amount of data we need to access isn't anything too big, it's mostly CAD drawings, programs, and shop orders.

 

I never said to make it as cheap as possible without it being a good server. It has to be as low cost as possible without skimping out on the hardware. Assume that Ethernet cables can be run all over the shop, I need hardware suggestions, that's what I'm mainly asking for. We already have a switch, but I need suggestions on the rest of the hardware we need, such as a router, modem, raid card(?), and anything else that I might need. And I mean specific hardware suggestions, not just networking advice.

[braneopbru]

The best advice anybody hear can give is don't mess with it. This isn't a "let me play IT guy on my home network" situation. This is serious business. Not only does network downtime cost real money, like somebody mentioned earlier, there is the very serious issue of security and it's ramifications.

 

I'm assuming that this won't be a network exclusively for the back shop; the front office is going to be on the network as well. That means financial and customer data. Without a proper plan in place to address security, there's is the very real possibility of a data breach. What are your local laws regarding privacy/security and will the company be held legally liable if damages occur from an inadequately secured network?

 

The absolute best thing you can do is look up the phone number of a local company that specializes in these kinds of setups and tell your boss "here, give these guys a call". Not only will a professional company be able to design a fast, secure network, they'll probably save your boss a boatload of cash by helping him find solutions to streamline the workflow in the shop.

 

Should you choose to ignore my very honest and very reasonable advice, I can give you some hardware recomendations.

 

Go with a router from pfSense. You can build ready to go setups with pfsense installed and configured and you also get support. Because pfsense is also available for free as open source, you'll find a huge community of people that can give you advice and tutorials on specific questions, should the included support be insufficient. pfSense machines are routers and firewalls that can be easily set up with services like SNORT for automated intrusion detection and prevention. You can pay for a membership and have SNORT automatically keep updated lists on current and emerging network security threats. It will also allow for mobile employees to connect back into the network remotely.

 

For storage, go with prebuilt truenas servers from ix systems. They are the people behind freenas. Not much else to say about that. You get great servers with tons of features and you support a great open source project.

 

For the networking gear, go with ubiquiti. Their unifi range is great and you can manage everything from a single interface. I'd suggest the 48 port switch. It has PoE on all ports and 2 SFP+ 10 gig ports. Use the 10 gig ports to connect the storage server to the network. You can set up a bunch of APs all over the shop to get the coverage you need and manage them all as one. They have zero handoff so you roam easily between them and they are powered via PoE (hence my reccomendation of the PoE switch) so wiring is a lot easier. They even have an AP that has a built speaker to funtion as a PA; handy to have in a shop.

 

They also have security cameras that are PoE as well and intergrate into the systems as well. And if you go that far, might as well take a look at their VOIP phone offering.

 

 

I gotta admit, I let out a hardy chuckle when you mentioned that you already had the switch. A $85 netgear switch is less than a drop in the bucket in a networking setup that will probably end up costing your boss over $25,000.

 

Look, it comes down to this; in the other thread you said you are a mechanical engineer. I'm an operating engineer, I know my shit when it comes to my field, but I would NEVER touch anything outside my area of expertise. The mark of a great engineer is being able to recognize when something is outside of your scope of understanding in getting somebody in who specializes in that.

[rayschrantz]

I agree with you when it comes to recognizing when something is beyond your scope of understand, which is why I'm asking for help with this. But what you're suggesting is really high end. My boss isn't looking to spend $25,000 on a network and server, he isn't even looking to replace it. I just volunteered to look into a few minor updates to increase productivity and fix the wifi. I would say the budget needs to be around $1000. Right now the storage server is being run off of a computer and I think that is what it's going to stay as, which is why I might use Linus's 48TB NAS storage build guide to make a new storage server, but instead with two 2TB NAS drives. What I need is a good router and modem that is compatible with the NETGEAR 16 Port Gigabit Business-Class Desktop Switch to run the network off of. I also need help with how to hook up the whole system.

[braneopbru]

If all you are going to do is improve the wifi, this is what I'd suggest.

 

Modem: In general, provided by the ISP. Call them up and tell them you want a new one. Try to get them to give you a modem that is a modem ONLY and not one of those shitty combo units. If combo units are all they have, make sure you turn off the residential gateway features and use strictly as a modem.

 

Router: In my opinion, you have three options. You can get something from Mikrotik in their routerboard line; those are around $100. You can go with pfsense and get something that is based on an intel CPU, but that'll cost starting in the $300 range. The last option is the ubiquiti security gateway/router. It does VPN, QoS and Vlan out of the box; i believe it's around the $120 mark.

 

As far as access points. I stand by my original recommendation of the unifi AP range from ubiquity. You can get three packs of the AP Pro for under $700 US.

 

Anything is compatible with that switch, but I really do recommend tossing it and getting a managed switch from ubiquiti.

 

If you go all ubiquiti for your setup, you can manage everything from a single controller app. It will make things a million times easier for you to set up and manage. The switches are PoE to power the access points. You can set the back shop wifi on a seperate vlan from the front office network. Employees are going to want to use their personal devices on wifi when they are at work and you can put personal devices on a segregated network that has no access to anything internal to the company network and you can set up a guest wifi network for customers that come in to the office that would again be seperate from the internal network.

 

About $670 for the three APs, $400 for a new switch and about $120 for the router puts you at just shy of $1200. It's a little bit over your budget, but you'll have a rock solid base for future expansion of the network. All the components are guaranteed to be compatible and you can manage everything from one piece of software. I really don't think you're going to be able to find another option that'll be cheaper and maintain the quality, reliability or ease of setup that going all ubiquiti will give you.   

[brwainer]

If all you are going to do is improve the wifi, this is what I'd suggest.

Modem: In general, provided by the ISP. Call them up and tell them you want a new one. Try to get them to give you a modem that is a modem ONLY and not one of those shitty combo units. If combo units are all they have, make sure you turn off the residential gateway features and use strictly as a modem.

Router: In my opinion, you have three options. You can get something from Mikrotik in their routerboard line; those are around $100. You can go with pfsense and get something that is based on an intel CPU, but that'll cost starting in the $300 range. The last option is the ubiquiti security gateway/router. It does VPN, QoS and Vlan out of the box; i believe it's around the $120 mark.

As far as access points. I stand by my original recommendation of the unifi AP range from ubiquity. You can get three packs of the AP Pro for under $700 US.

Anything is compatible with that switch, but I really do recommend tossing it and getting a managed switch from ubiquiti.

If you go all ubiquiti for your setup, you can manage everything from a single controller app. It will make things a million times easier for you to set up and manage. The switches are PoE to power the access points. You can set the back shop wifi on a seperate vlan from the front office network. Employees are going to want to use their personal devices on wifi when they are at work and you can put personal devices on a segregated network that has no access to anything internal to the company network and you can set up a guest wifi network for customers that come in to the office that would again be seperate from the internal network.

About $670 for the three APs, $400 for a new switch and about $120 for the router puts you at just shy of $1200. It's a little bit over your budget, but you'll have a rock solid base for future expansion of the network. All the components are guaranteed to be compatible and you can manage everything from one piece of software. I really don't think you're going to be able to find another option that'll be cheaper and maintain the quality, reliability or ease of setup that going all ubiquiti will give you.

OP - braneopru gives solid recommendations. Mikrotik or ubuiqiti are the way to go for router for small business. Ubiquiti APs are a good choice, but you can also check out XClaim. I have extensive work experience with Mikrotik and Ruckus, and XClaim is Ruckus' small business / easy to use AP brand. But ubiquiti gives you that single point of control that is worth a lot for people that aren't experienced network admins.