{"id":591,"date":"2014-05-12T04:36:58","date_gmt":"2014-05-12T09:36:58","guid":{"rendered":"http:\/\/www.smbitjournal.com\/?p=591"},"modified":"2017-02-18T15:56:01","modified_gmt":"2017-02-18T20:56:01","slug":"doing-it-at-home-enterprise-networking","status":"publish","type":"post","link":"https:\/\/smbitjournal.com\/2014\/05\/doing-it-at-home-enterprise-networking\/","title":{"rendered":"Doing IT at Home: Enterprise Networking"},"content":{"rendered":"
In my fifth installment in the continuing series on Doing IT at Home I would like to focus on enterprise networking. \u00a0Many ways in which we can bring business class IT into our homes can really be done for free. \u00a0Networking, sadly, is not one of those areas, but it does not have to be as costly as you may at first think, and having a good, solid, enterprise-class home network can bring many features that other IT at Home projects do not.<\/p>\n
Implementing a real, working business class network at home lays the foundation for a lot of potential learning, experimenting, testing and growth; and compared to other, smaller and less ambitious projects, this one will likely shine very brightly on a\u00a0curriculum vitae<\/em>.<\/p>\n Now we have to start by defining what we mean by “enterprise networking.” \u00a0Clearly the needs and opportunity for networking at home are not the same as they are in a real business, especially not a large one – at least without resorting to a pure lab setup, which is not our goal of bringing IT home. \u00a0Having a lab at home is excellent and I highly recommend it, but I would not recommend building a “true lab” in your home until you have truly taken advantage of the far better opportunity to treat your home as a production “living lab” environment. \u00a0Needing your “living lab” to be up and running, in use every day, changes how you view it, how you treat it and what you will take away from the experience. \u00a0A pure lab can be very abstract and it is easy to treat it in such a way that much of the educational opportunity is lost.<\/p>\n There are many aspects of enterprise networking that make sense to apply to our homes. \u00a0Every home is different and I will only present some ideas and I would love to hear what others can come up with as interesting ways to take home networking to the next level.<\/p>\n Firewall or Unified Threat Management (UTM):<\/strong> \u00a0This is the obvious starting point for upgrading any home network. \u00a0Most homes use a free multi-purpose device that is provided by their ISP that lacks features and security. \u00a0The firewall is the most featureful networking device that you will use in a home or in a small business and is the most important for providing basic security. 
\u00a0Your firewall provides the foundation of your home or small business network so getting this in place first makes sense.<\/p>\n There are numerous firewall and UTM products on the market. \u00a0Even for home or SMB use you will be flush with options. \u00a0You can only practically use a single unit and you need one powerful enough to be able to handle the throughput of a consumer WAN connection, which may be a challenge with some vendors as consumer Internet access is getting very fast and requires quite a bit of processing power, especially from a UTM solution.<\/p>\n Choosing a firewall will likely mostly come down to your career goals and price. \u00a0If you hope to pursue a career or certification in Cisco, Juniper or Palo Alto, for example, you will want to get devices from those vendors that allow you to do training at home. \u00a0These will be very expensive options but if that career path is your chosen one, having that gear at home will be immensely valuable not only for your learning and testing but for interviewing as well.<\/p>\n If you don’t have specific security or networking career goals your options are more open. \u00a0There are traditional small business firewall suppliers like Netgear ProSafe that are low cost and easy to manage. \u00a0UTM devices are starting to enter this market like Netgear ProSecure, but these are almost universally more costly. \u00a0There is the software-only approach where you provide your own hardware and build the firewall yourself. \u00a0This is very popular and has many good options for software including pfSense, SmoothWall, Untangle and VyOS. \u00a0These vary in features and complexity. \u00a0For most cases, however, I would recommend a Ubiquiti EdgeMax router which runs Brocade Vyatta firmware. 
\u00a0These are less costly than most UTMs and run enterprise routing and firewall firmware – outside of needing a specific vendor’s product for networking career goals, this is the best learning, security and feature value on the market and will allow learning nearly any firewall or router skills outside of those specific to proprietary vendors.<\/p>\n When starting down the path of enterprise networking at home, remember to consider if you should also begin acquiring rackmount gear rather than tabletop equipment. \u00a0Having a rack, possibly just a half or even a quarter rack or cabinet, at home can make doing home enterprise projects much easier and can make the setup much more attractive in many cases and is, like many of these projects, just that much more impressive. \u00a0Consider this when buying gear because firewalls in this category are the hardest to find in rackmount configurations, much to my chagrin.<\/p>\n Switch:<\/strong> It has become common in home networking to begin forgoing a physical switch in favor of pure wireless solutions and for many homes where networking is not core to function this may make perfect sense. \u00a0But for us, it likely does not. \u00a0Adding switching makes for more learning opportunities, a better showcase, far more flexibility, faster data transfers inside of the house, a greater number of connections and better reliability. \u00a0For a normal home user with few devices, most of which are mobile ones, this would be a waste, but for an IT pro at home, a real switch is practically a necessity.<\/p>\n Switches come in three key varieties. \u00a0Unmanaged, or dumb switches, are all that you would find in a home or most small businesses. \u00a0Basic connectivity but nothing more. \u00a0This might be all that you need if you do not intend to explore deeper learning opportunities in networking.<\/p>\n Smart switching is a step up from an unmanaged switch. 
\u00a0A smart switch is often very low cost but adds additional features, normally through a web interface, that allow you to actively manage the switch, change configurations, troubleshoot, create VLANs and QoS, monitor, etc. \u00a0For someone looking to step up their at-home network and approach networking from a higher-end small business perspective this is a great option and a very practical one for a home.<\/p>\n Managed switches are the most enterprise and by far the most costly. \u00a0These use SNMP and other standard protocols for remote management and monitoring and generally have the most features, although often Smart switches have just as many. \u00a0Managed switches are not practical in a home for any reason as their benefits are around scalability, not features, but, like with everything, if learning those features is a key goal then this is another place where spending more money not only for those features but also to get “name brand” switches, like Cisco, Juniper, Brocade or HP can be an important investment. \u00a0But if the goal is only to learn the tools and standards of managed switches and not to go down the path of learning a specific implementation then lower cost options like Netgear ProSafe might make sense.<\/p>\n Once we decide on unmanaged, smart or managed switches then we have to decide on the “layer” of the switch. \u00a0This also has three options: Layer 2, Layer 2+ and Layer 3. \u00a0For home and small business use, L2 switches are the most common. \u00a0I have never seen more than an L2 in a home and rarely in a small business. \u00a0L2 are traditional switches that handle only Ethernet switching. \u00a0You can create VLANs on L2 switches but you cannot route traffic between the VLANs; that would require a router. \u00a0An L2+ switch adds some inter-VLAN traffic handling to allow VLANs to exist using static routes. 
\u00a0L3 switches have full IP handling and can do dynamic routing protocols.<\/p>\n So if you need to study “large” scale routing, an L3 switch is good. \u00a0This is not a common need and would be the most expensive route and would imply that you intend to purchase a lot more networking gear than just one switch. \u00a0In a home lab, this might exist; for handling the home itself, it would not. \u00a0If you want to implement VLANs in your home, perhaps one LAN, one Voice LAN, a DMZ and one Guest LAN, then an L2+ switch is ideal. \u00a0If you don’t plan to study VLANing, stick to L2.<\/p>\n Cabling:\u00a0<\/strong>One aspect of home networking that is far too often overlooked is implementing a quality cabling plant inside the home. \u00a0This requires far more effort than other home networking projects and falls more into the electrician space rather than the IT professional space but is also one of the most important pieces from the home owner perspective and end user perspective rather than the IT pro perspective. \u00a0A good, well installed cabling plant will make a home more attractive to buyers and make the value of a powerful home network even better.<\/p>\n If you live in an apartment, likely you do not have the option to alter the wiring in this way, unfortunately. \u00a0But for home owners, cabling the house can be a great project with a lot of long term value. \u00a0Setting up a well labeled and organized cabling plant, just like you would in a business, can be attractive, impressive and eminently useful. \u00a0With good, well labeled cabling you can provide high speed, low latency connections without the need for wireless to every corner of your home. \u00a0I have found that cabling bedrooms, entertainment spaces and even the kitchen is very valuable. \u00a0This allows for higher throughput communications to all devices as wireless congestion is relieved and wired throughput is preferred when possible. 
\u00a0Devices such as video game consoles, smart televisions, receivers, media appliances (a la AppleTV, Roku, Google), desktops, docking stations, stationary laptops, VoIP phones and more all can benefit from the addition of complete cabling.<\/p>\n Wireless Access Point:\u00a0<\/strong>These days home networks are primarily wireless with many homes being exclusively wireless. \u00a0Even if you follow my advice and have great wired networking you still need wireless whether for smart phones, tablets, laptops, guest access or whatever. \u00a0A typical home network will already have some cheap, probably unreliable wireless from the outset. \u00a0But I propose at least a moderate upgrade to this as a good practice in home networking.<\/p>\n Enterprise Access Points have come down in price dramatically today and a few vendors have even gotten them below one hundred dollars for high quality, centrally managed devices. \u00a0Good devices have high quality radios and antennae that will improve range and reliability. \u00a0Generally they will come with extra features like mapping, monitoring, centralized management console, VLAN support, hotspot login options, multiple SSID support, etc. \u00a0Most of these features are not needed in a home network but are commonly used even in a small business and having them at home for such a low price point makes sense. \u00a0If you own a large home, using good Access Points with centralized management can be additionally beneficial in providing whole home coverage.<\/p>\n Having secure guest access via the access point can be very nice in a home allowing guests to be isolated from the data and activities on the home network. \u00a0No need to share private passwords and provide access to data that is not necessary while still allowing guests to connect their mobile phones and tablets. 
\u00a0An ever more important feature.<\/p>\n If your home includes outdoor space, adding wireless projects to provide outdoor coverage could also make for a great learning project. \u00a0Outdoor access points and specialized antennas can make for a fun and very useful project. \u00a0Make yourself able to stay connected even while roaming outdoors.<\/p>\n Good, enterprise access points are often quite attractive as well, being designed to be wall or ceiling mounted, making it easier to put them in good placement locations to better cover your available space.<\/p>\n Power over Ethernet:\u00a0<\/strong>Now that you are looking at deploying enterprise access points, and if you followed my earlier article on doing a PBX at home and you have desktop or wall mount VoIP phones, you may want to consider adding additional PoE switching to reduce the need for electrical cables or power injectors. \u00a0A small PoE switch is not expensive and, while never really necessary, can make your home network that much more interesting and “polished.” \u00a0Many security devices take advantage of PoE, as do some project board computers that are increasingly popular today. \u00a0The value of adding PoE is ever increasing.<\/p>\n Network Software:\u00a0<\/strong>Once your home is upgraded to this level, it is only natural to then bring in network management and monitoring software to leverage it even further. \u00a0This could be as simple as setting up Wireshark to look at your LAN traffic or it could mean SNMP Monitors, Netflow tools and the like. \u00a0What is available to you is highly dependent on the vendors and products that you choose but the options are there and this is really where much of the benefit comes in regards to the ongoing educational aspects of networking. 
\u00a0Building the network and performing the occasional maintenance will, of course, be very good experience but having the tools to now watch the living network at work and learn from it will be key to the continuing value beyond the impressive end user experience that your household will enjoy.<\/p>\n","protected":false},"excerpt":{"rendered":" In my fifth installment in the continuing series on Doing IT at Home I would like to focus on enterprise networking. \u00a0Many ways in which we can bring business class IT into our homes can really be done for free but networking is sadly, not one of those areas but it does not have to … Continue reading Doing IT at Home: Enterprise Networking<\/span>