We continue our story with the modernization of the network in the museum MUSEUM. To solve the existing problems, we hired smart people who offered us a choice of several vendors. In view of the instability of relations with the United States, we chose Huawei, on their advice. Then the stage of coordination of our needs and capabilities began. We drew up a diagram of large switches, outlined how they would be connected to each other (twisted pair or fiber optic), identified various parts of the network that can be used as a separated VLANs and indicated that in one of the parts of the network we may have users who need to access the Internet but do not need to access the local network of the museum. We chose to increase the network speed from 100 Mbit/s to 1 Gbit/s all over the network, divided the network into separate VLANs on the core switch based on its ports (the main traffic flow does not go between computers, but between computers and servers, so it still passes through the core switch, and dividing the network into VLANs allowed to reduce broadcast traffic) and provided network protection from "unnecessary" devices using "port security" feature of the switches. One of the most important decisions is the implementation of eSight for network monitoring.
In view of the large number of switches that needed to be changed, and the need for a complete reconfiguration of the IP addresses of computers, the network upgrade was divided into two stages: the modernization of the network core and nearby "offices" and the modernization of far situated "offices". After the first stage, the network began to work much better (especially considering the fact that it did not always work in principle before). We got the following benefits:
High network speed.
Much better network manageability.
Reduced network outages.
Reduction of the space occupied by core switches by using SFP modules instead of optoelectric converters - 1U instead of 1U + 2U.
Enhanced network security.
Redundancy of the main communication lines and the core switch.
Now I can say with confidence that the stability of the network has improved dramatically. We used to go to change optoelectric converters every several months and then, tried to use different manufacturers, but now everything works stably. We changed two or three out of sixty switches in a few years.
Our network looks like this now:
Below you can see the "web" of the next stage - the upgrading of switches in the server room to increase the speed of access to the storage system and servers up to 10 Gbps.
Looking forward to learn about servers upgrade in next topic.
