The backbone of your network is your hardware. All of the communications of your network flow through your routers and switches. When these items aren't communicating at levels that you require, business is affected. Very often, a negatively impacted network has financial ramifications.
If you are building a network from scratch, purchasing the hardware that best fits your business needs will set your network infrastructure up for success. If you are considering making hardware changes to an existing network, you need to be able to prioritize your hardware upgrade needs. This prioritization process must reflect the needs of your network.
Table of Contents
Your router is where your internal network meets the outside world. It is an integral piece of your network. All traffic destined for the outside world must travel through your routing equipment. There are many different things to consider while choosing the best router for your business.
Will a consumer or small office router work for your business? Or do you need a more expensive product that offers more features? Cutting costs where you can is often a good idea, but is this the spot to do it? Here are some things you consider in regards to router classes.
- Maximum throughput. What speed capabilities does your business need? Some internet service providers offer up to a gigabyte of internet bandwidth. Can your router handle anything close to that? How are speeds affected when security services are enabled?
- Level of support. What kind of support package does your router's manufacturer offer? Is it included with purchase? If not, what is the pricing on support packages? When you run into issues managing your router, it's good to know how to find help. You need to have an idea of the level of support that you can expect.
- Configurability. Consumer routers come with a lower level of configuration options than enterprise-class routers. These options could include VPN configuration and port forwarding, to name just a few.
Your network's security is of the highest importance. While almost all routers come with at least a basic level of security options and features, it's important to know that your router's features will meet your needs. Following are some offerings to look for.
- Content Filtering. You may want to be able to control and monitor the websites that your employees are visiting. Find a content filter that gives you the flexibility that you need.
- Intrusion Prevention and Gateway Antivirus. Many routers advertise this service. You need a device that is not only effective, but also easily configurable and offers good reporting.
- Firewall. Almost every router has a firewall built into it. The configurability of each firewall depends on the quality of the router. Most businesses need to be able to configure their firewall so that they not only block threats, but also allow other traffic through without issue.
Manufacturers and reputations
Every network administrator probably already has an idea of which router manufacturers they like, and which ones they don't. These ideas can reflect past experiences, general preferences, and industry reporting. Be sure that the manufacturer you choose has a good reputation and meets your needs.
While all traffic to and from the outside world goes through your router, all local communications are handled by network switches. They are truly the backbone of your network. It's important to know how manageable you need your switches to be, and the speeds and number of ports that you will require.
There are two basic levels of management features for network switches: managed and unmanaged. There are a few different reasons why you might choose one or the other.
- Complexity. Unmanaged switches are simple; there is no configuration needed. Many knowledgeable administrators still have a hard time grasping the details of managed switch configuration. Don't make administration more complicated if it isn't necessary.
- Cost. Managed switches can be expensive, at least double the cost of an unmanaged switch. If you won't be taking advantage of the features of a managed switch, purchasing an unmanaged switch will save you some money.
- Configurability. If your network needs to utilize VLAN technology, you will need a managed switch. With a managed switch, each port can be configured to do exactly what you need it to do. This approach is often used in networks using VoIP phone technology.
When shopping for switches, one oft-touted specification is link speed. There are three speed classifications to consider, and only one that you should really be shopping for most of the time.
- 10/100 mbps. This was once a usable speed on most networks, but is now considered a slower option. Switches that offer these speeds can currently be found on many networks running on older infrastructure. New network installations should avoid using switches at these speeds.
- 1000 mbps (or 1 Gbps). This speed specification is a good meeting point between speed requirements and cost effectiveness. While these switches may cost more than the 10/100 mbps ones, most newer networks are able to utilize these speeds, making the upgrade worth it.
- 10 Gbps. While these switches can be found in niche enterprise environments, they are usually not necessary for an average business network.
Number of Ports
Switches come in a number of different port configurations, generally starting at 5 ports and up to 48 (and occasionally more). It's always a good idea to have a complete count of the number of devices in your network that will need switch ports. It's also good practice to be sure to leave enough open ports available for future expansion.
More and more, network administrators are seeing wireless networks move from being an ancillary part of the network to one that is just as important as the wired network. Administrators should have a good understanding of wireless coverage through their network via mapping. Additionally, they should take into consideration speed and security.
Building a map helps administrators gain an understanding of the wireless coverage within their network. Here's what you're looking to accomplish with your map.
- Wireless coverage. You need to have an understanding of what locations within your building will have issues getting a strong connection to your wireless devices. With this information, you can make adjustments to reduce these issues.
- Access point placement. Administrators need to know how many access points they will need, and where they need to be placed within a network. Having a map helps to display the best placement for these devices.
As wireless technology develops, speed capabilities have become faster and faster. With the growing demands of wireless networks in a business setting, it's almost always worth it to invest in the fastest infrastructure possible. There are 3 different speed classifications that most administrators work with today.
- 802.11ac. As of today, this is the fastest speed classification available. Network administrators who are purchasing new access points should be sure that the equipment they shop for supports this technology.
- 802.11n. While this specification is quite fast, it is still slower than 802.11ac technology. Existing infrastructure running at these speeds doesn’t necessarily need to be replaced, but it should not be purchased for new installations.
- 802.11b/g. This specification is now fairly old, and fairly slow. Network administrators should be actively replacing equipment that communicates at these speeds.
Because your wireless network naturally increases the vulnerability of your infrastructure, security must be taken extremely seriously. Here are a number of suggestions for securing your wireless network.
- Security keys. All networks with corporate-level access must be encrypted and force users to use a key to authenticate. For increased security, guest networks can be password-protected as well.
- Network segmentation. Your guest network should be separated from your corporate network. This could be done in a number of ways, including VLANs, router configuration, or even separate internet connections. If your corporate wireless network doesn't need the same access as the wired network, these networks should be segmented as well.
- MAC address filtering. Administrators can use MAC address filtering on corporate networks to provide additional verification for devices to connect. For devices to be able to access a filtered network, not only do users need to know the wireless key, but the administrator must add the device's MAC address to a list of allowed devices. Keep in mind, however, that attackers can easily “spoof” MAC addresses (by making a device appear to have a valid MAC address in order to connect), so you should not rely on this safeguard alone to secure your wireless network.
Many businesses today must purchase proprietary hardware, as required by the industry that they are working in. Choosing the right equipment can be difficult. Here are a few things to consider.
- Consult the experts. You need to verify that you are purchasing the right equipment for your situation. Talk to the software companies that you integrate with, as well as your friends in the business, to see what hardware works best for them.
- Consider regulations. Different industries must abide by government regulations. Before purchasing hardware, be sure that it follows all of the regulations for your industry, now and into the future.
- Determine vendor options. Figure out where you can purchase equipment. Do you need to purchase hardware directly from your software provider, or can you shop around for the best price? How can you verify that what you purchase will be compatible and meet regulations?
There's a lot to consider when choosing networking hardware. Your router must be at the right class level and have the best security offerings possible. Your switches have to provide the configuration options that best fit your business, and are fast enough and offer enough ports for your needs. Your wireless networks need to offer both speed and security, and you should take steps to verify that you purchase the appropriate industry-specific proprietary hardware.