I am setting up a new small office network with 4 PC's that will all need to access the cable internet connection as well as share files and printers. I also will have 6 machine tools that will need access to our networked computers. We are having Cable internet installed and I'm curious if I will need to install a router for the internet AND a switch for the network to acheive ineternet and file sharing? I'm not sure if I can get by with just a 16 port switch and still have access to the internet or not. Any suggestions?

It is better to be THOUGHT a fool, than to open ones mouth and relieve all Doubt!!

How to Set Up Your Home or Small Office Network

i_XpUser

Unless your cable company is going to give you multiple public IPs (maybe but not enough for your needs) you will need a router. Plus a router adds a good layer of security.

Most SOHO routers come with a 4-port wired switch. If you are going wireless, then that will be all that you need. But, if you will ahve more than 4 wired devices, then you will need a switch (preferred) or hub to add ports.

Michael J

Thanks for the input!!
Sounds like I will need a router AND a Switch since I more than 4 devices that will need hardwired to the network.

It is better to be THOUGHT a fool, than to open ones mouth and relieve all Doubt!!

You can get routers with more ports in the builtin switch. However, I'd still go with a separate switch. Even the best SOHO routers can go down sometimes. If you have a separate switch for all your devices, should this happen, your LAN will continue to function, but your internet won't. That's a whole lot better than ALL networking, especially when you move to a domain based network and require authentication to a domain controller over the network.

Other tips:

1. Put both the router and switch on a good UPS.
2. Get one big switch for all the devices, not multiple smaller ones.
3. Get the right router from the get go. Gonna need VPN in the near future? Get that router now! Make sure you understand what you're buying. At the very least, the router should have an SPI firewall and VPN passthrough.

Hope this helps.

"Republicans in Congress are moving to ratify a constitutional amendment to ban flag burning, thus ending the Iraq insurgency."

Thanks Heropsycho. Been doing some reading since my post and planned on one that allowed for VPNpassthrough as well as loggin features. Good advice on the UPS!!

It is better to be THOUGHT a fool, than to open ones mouth and relieve all Doubt!!

" Put both the router and switch on a good UPS."

Why? Unless you are going to put a UPS on the computers too, if the power goes out your "network" will be up, but none of the devices could access it. The only thing it would provide would be a temporary fail-safe if only the outlet to those devices lost power temporarily. How likely is that?

Michael J

Ok, another quick question. The company installing our phone system recommeded NOT using a hub or a switch but a patch panel instead to connect all the devices on our network. This is something I have not heard about. Can anyone tell me if there is advantages or disadvantages to patch panels vs switches?

It is better to be THOUGHT a fool, than to open ones mouth and relieve all Doubt!!

a patch panel for four pc's, why?

Even with a patch panel you still need a switch or hub. Telco installers tell people this when they want the cabling business. Probably communication union workers too.
A patch panel will make it cleaner in ways after running cable, better diagnostics of cabling issues and usually the only things changed/added/relaced are short patch cables instead of entire runs but for a small office has few benefits unless there are some very long runs or a riser is involved.

Well I will have a couple of runs that will be nearly 100' but I have 4 computers that will be on the network as well as 5 or 6 other machines, printers, etc that will also need to be accesible from the network, plus I need room for future equipment. That is why a simple router/switch will not work. I have more devices than I do ports on a router/switch.

It is better to be THOUGHT a fool, than to open ones mouth and relieve all Doubt!!

You do not say if the "couple of runs" are near each other. If they are it is better to have a hub with a single 100 foot run. Also bulds in support for more connections in the future at the end of the 100 foot runs.
And i would consider (as i mentioned before) a different medium than twisted pair. You did mention originally having machine euipment. Some may cause intereference on those 100 foot runs. Do you need this to be reliable and always available? Depends on your buseness but something to consider.

"Why? Unless you are going to put a UPS on the computers too, if the power goes out your "network" will be up, but none of the devices could access it. The only thing it would provide would be a temporary fail-safe if only the outlet to those devices lost power temporarily. How likely is that?"

How likely is a brown out that messes the devices up, causing them to fail completely or require a reboot? I'd say there's a distinct chance of it. When that happens, what happens to his network? It goes completely down, or loses internet connectivity if just the router goes down.

How much labor is it to wire up a router and a switch, configure the router, mount it, etc? At least an hour. If there's a lot of cabling maybe more.

How much is it additional labor to simply plug them into a UPS instead of surge surpressor? None.

How much would a UPS be that could power two small devices? 350VA would probably suffice. $40 for an APC UPS.

Now, suppose a brownout hits the office, causing the router and switch to flake out. How long do you think it will take to figure out that's the problem? Even if it's a simple reboot of the devices, you lost productivity in the meantime.

If the brownout happens to kill either device, you now have to spend the same or more than what a UPS is to replace it, not to mention spend the time to physically replace whatever failed.

I'd say $40 for a UPS to avoid all this is money well worth spending.

"The company installing our phone system recommeded NOT using a hub or a switch but a patch panel instead to connect all the devices on our network. This is something I have not heard about. Can anyone tell me if there is advantages or disadvantages to patch panels vs switches?"

They don't have an earthly idea what they're talking about. You HAVE to have a router and a switch, regardless of whether you need a patch panel or not. Advantages have been listed to doing so. Personally, if this is a business that's going to be around for a long time, and has plans to expand, or if the network infrastructure is vital to their business operation, go ahead and get the patch panel now. The first time a problem needs to be diagnosed where cabling needs to be examined, it can pay for itself.

People get too focused on initial costs that they forget the residual costs both in loss of productivity and labor fixing stuff later when you don't put the proper infrastructure in place the first time.

"I have more devices than I do ports on a router/switch."

You can uplink switches to the wall ports where multiple devices will be near each other where needed. Just remember it increases the complexity of the network, which can make failures more likely somewhere and make troublshooting and resolving these failures take longer, too.

"Republicans in Congress are moving to ratify a constitutional amendment to ban flag burning, thus ending the Iraq insurgency."

I couldn't agree more about the UPS! On any network device like a switch or router and/or servers you don't want to run without them. I'm not going to reiterate everything hero said as he covered all the very valid reason's why. Protection is very important, and protecting your sensitive network devices from possible damage is smart. We have multiple wiriing closets where I work (12) with minimum 3 managed switches in each (more in some) and each switch alone is worth 3-7 thousand dollars (depends on the make/model....the CISCO 2900 XL 24 ports are lot less expensive than the Baystack 5510/20's with 48 ports). Do we want to have to replace them all after a lightening strike........not really, so we have them ALL plugged into small UPS's (APC of course!) and now we don't have to worry.

A PC is easy to replace, especially when you're using standard images on them and all user data is backed up onto servers. The same can't be said for switches and routers etc.

Also, a wiring patch panel is not a bad idea if you're going to have any growth in the future at all. Once the cabling is done from wall jack to patch panel and has been tested and is working properly, you almost never have any troubles with those pieces of cabling. Of the numerous network troubles I've had to deal with here at work....none so far have been the main cables. Most were either bad cables between the PC and wall jack or a bad NIC or just plain old user error (ie: changing their TCP/IP settings to DHCP while plugged into a switch requiringing static IP's etc etc).

In a large network with a lot of cabling involved, or where dealing with costly networking equipment - yes a UPS would make sense. But in this situation we are talking about a SOHO router and switch which would cost less than $100 and be very easy to replace in the event of failure.

A UPS on the router/switch would make less sense financially than putting it on a computer which costs hundreds of dollars. I'm not arguing the fact that it would have benefits, but I thing the benefit to cost ratio does not warrant it - in this situation. I think it would be more important to have a dedicated fileserver that has such redundancy for this situation.

Michael J

2 votes (Hero/Curt) for UPS
1 vote (Michael J) against

Change that to 3 votes for a UPS. My opinion for what its worth, i would recommend for any business network router/switch *even one user/home network* to have a UPS. Any busines downtime is expensive. Pays for itself and cheap insurance. And eliminates a point of failure to the network, not just a station.

We're not talking about file servers. UPS's should be on ALL servers!

I'm talking about on the routers and switches.

Fairly easy to replace?! OK, how long will it take from the time the equipment fails to the time services are restored? First, the problem has to be discovered. Secondly, the root cause has to be determined. Finally, the solution has to be delivered. It's not the cost of the hardware so much as loss of service.

How long until someone is notified of the problem who can fix it? Could be up to a day or more before someone is notified and can get to the site to troubleshoot the issue depending on who's skilled that's available.

How long to determine root cause? At least an hour or maybe more if the company doesn't have someone skilled on site.

How long to get the replacement hardware, physically install it, and reconfigure it? At least an hour.

In the meantime, internet or the entire LAN is down. Even printing could be lost due to something like this!

If I was your client, and found out my network was down for a day because you didn't put a UPS on my switch and router for $40, I'd hire someone else pure and simple.

"Republicans in Congress are moving to ratify a constitutional amendment to ban flag burning, thus ending the Iraq insurgency."

The UPS is a side issue: The real issue is configuring your small office network for affordability, reliability, and maintainability.

The first thing you want to do is lay out your minimum requirements on paper. You'll need a LAN that can host at least 12 client machines including PCs, printers, scanners, faxes, and other devices. You'll need users identified and permission levels established. You'll need a budget and a realistic assessment of your in-house capabilities to build and maintain the system. You should map out where the machines go and the cables running between them.

Eacn network device you hang on your system reduces its overall reliability so you want to "Keep It Simple, Stupid". By the same token you want to have enough redundency to minimize downtime. In your situation I would buy a router with an 8 port switch and an 8 port switch. Hang the printers, faxes, etc. and one "master workstation" off the router and the PC clients off the switch. This will give you a reserve pool of ports for expansion or if the switch goes down. For redundancy I'd pick up a $40 4-port router and stick it in a closet: If the router dies you can use that while you procure a replacement.

There should be 2 Administrator accounts, one Master and one backup in case the Master gets hosed somehow. The users should all have User level priviledges unless one of them really, really needs higher clearance, than make him a Power User. It's worthwhile to set up one workstation with the "standard" OS, software, and permissions and roll that off onto a "Gold Disc" external hard drive or DVD. Use the Gold Disc to configure the rest of the workstations. If one dies or is replaced use the Gold disk to recover.

It may be worthwhile to pick up a Network Drive - a separate, large hard drive that plugs directly into the LAN - to use as a common "Shared" drive. Otherwise set up a "Shared" folder on the master workstation and give everyone permissions to read/write to this. All user-generated working documents and data files should be stored here and not on their own machines. Roll this off to a CDR, DVD-R, or tape weekly and store that securely. Some states require you to keep business documents 3 years and I know the IRS does so you should plan on keeping these at least that long.

Critical machines should have UPS backup but you'll have to decide which ones those are. The router, master workstation, and network drive (if any, and if remote clients need access to it) would probably be at the top of the list.

Security is a top priority: No sharing passwords, passwords at least 7 characters and 2 numbers, no one with an Admin or Power User account who doesn't need it, and all PCs configured to go into standby mode and require a password if unused for 10-15 minutes. All devices should be physically secure from theft, tampering, or vandalism and a cable lock on the device isn't a bad idea if it's somewhere that outsiders could simply walk in, pick it up, and walk out the door with it. Any machines that leave the building get a signed receipt from the employee, technician, or customer so you'll have some proof in court that they took it.

Buy a good AV package, install it to all machines, and make sure these are updated at least weekly. Impress on everyone the importance of NOT bringing in disks from home and sticking them in the floppy drive w/o your permission first. Then AVS these within an inch of their life.

Check the machines periodically to make sure that all WinDoze Updates are being installed, the AV is up to date, and no one is d/ling kiddie porn. Document everything you do and put it in an Admin manual so that if you have a heart attack and someone else has to take over he won't be totally lost. Lay in a good supply of Maalox and pick up some relaxation music CDs: You'll need them.

WOW!! Great advice from all who have contributed!! Thanks again to everyone for their input.

It is better to be THOUGHT a fool, than to open ones mouth and relieve all Doubt!!

All good advice that I mostly agree with.

Some things to add:

- Critical data backups should have a recent copy offsite in case the building burns down, etc.

- To implement the policies mentioned here concerning passwords, etc. learn about Local Policy Objects.

- To ensure Windows is being updated, enable Automatic Updates. Also use Microsoft Baseline Security Analyzer to audit security as well. Windows Update has a tendency of reporting all updates are installed, when in fact they aren't. It also checks other general security measures such as possible unauthorized admin accounts, weak passwords, catalogs the file shares, etc. MBSA can be scripted to run on a list of computers at once via command line.

http://www.microsoft.com/technet/security/tools/mbsa2/default.mspx

- Run software firewalls on all client machines. Even Windows Firewall provides the needed benefit you need, and can be controlled via policy.

- With that many computers already, start making preparations to move to a domain based network. If you will support the network, start learning Active Directory and Windows 2003. If webhosting and messaging may be desired at the same time, look at Small Business Server 2003. Domain based networking requires less administrative overhead (create accounts on DC instead of on every single workstation, policies can be pushed to client computers via Group Policy, etc.).

"Republicans in Congress are moving to ratify a constitutional amendment to ban flag burning, thus ending the Iraq insurgency."