Boss just asked a BOMB of a question: LAN vs Non-LAN.

[Rey de Nada]

So, my boss just asked me to explain to him the benefit of having a networked LAN versus everyone just having individual PC's.

Background. I'm designing the LAN for a new office building, from scratch, for 15 end-users. I've got a standard LAN setup, running Server 2012 R2 as AD and file server, Cisco L3 switches, network Printers/Faxes, VOIP, IP Cams recording to NAS and displaying video feeds in offices, Remote Backups, dual-port firewall for 2 ISP's, WAP's, and a supported Cisco ASA Firewall.

He is convinced that it would be much easier, and cheaper, to just give everyone a PC, connect us all to WiFi, hit the printers over WiFi, and share files via email or with external HDD's. He is highly skeptical of cloud services for file sharing.

I really had no answer to him for the benefit of having a LAN versus his setup. The only thing I could come up with is that it was going to be much easier and less time-consuming for me, the only IT guy, to manage, update, and control every PC.

Am I going overkill here? Could I really just design the new system based on his approach? It almost seems a lot easier the more I think about it...

I have neither worked outside of, nor had any education or training outside of a LAN based environment. It's so ingrained in me, that I really had no immediate good answer, and am STILL trying to think of a good enough answer for him.

How would you all respond to this?

 

[PC-4LIFE]

With everyone having control over their own computer, it will be much easier for them to be infected with malware especially if you have people with low experience.

Backups will need to be made individually by that person, something they may or may not remember to do.

As you said it will be a lot more time consuming for you, doing everything individually would take countless more days than if it were done from a central server.

You cannot control or see what each employee does with their computer. You don't know if they're working, playing or doing something illegal.

It wouldn't be cheaper really, unless you chose to go entirely WiFi which can be unreliable sometimes.

 

[velocityg4]

Part of what solution you go with depends on what software your office uses. If you are just using MS Office and Quickbooks. You could just toss everything online with Quickbooks online and Office 365. Then if a computer has a problem. They give it to you to fix. You just hand them another one and they login to their accounts. Then there is virtually no down time. Plus it won't matter if they use Windows, Mac, Chromebook, iPad, &c.

Although you don't want to make it too easy. Then your boss will question why someone in IT is necessary. Rather than a tech coming out for a few hours every couple of months.

As for networking type. LAN is simply more reliable. All the traffic of fifteen computers over Wifi would really drag down network responsiveness.

 

[Rey de Nada]

With everyone having control over their own computer, it will be much easier for them to be infected with malware especially if you have people with low experience.

Backups will need to be made individually by that person, something they may or may not remember to do.

As you said it will be a lot more time consuming for you, doing everything individually would take countless more days than if it were done from a central server.

You cannot control or see what each employee does with their computer. You don't know if they're working, playing or doing something illegal.

It wouldn't be cheaper really, unless you chose to go entirely WiFi which can be unreliable sometimes.

Thanks for your response. Some users are very low level, and there were past incidents of phishing campaigns successfully penetrating the system (all before my time).

But, I am trying to see the argument from his side. Therefore, I could set up an administrator profile and user profile to prevent additional software and system changes without the administrator's password. I would also have anti-malware on each PC.

The WiFi router would have the ability to be able to monitor traffic and sites visited, I'm sure. Albeit, would start to be considering a LAN (as they're all connected to the same router), just without the single point of administration.
But, monitoring and illegalities is a good point, and a great selling point.

Windows can perform routine backups internally, and software can be installed to send the backups to a remote site.

I don't understand how it wouldn't be cheaper. Once you take out the L3 switches, VOIP system, server, then I believe the cost would go down by over $10k, easily.

 

[Rey de Nada]

Part of what solution you go with depends on what software your office uses. If you are just using MS Office and Quickbooks. You could just toss everything online with Quickbooks online and Office 365. Then if a computer has a problem. They give it to you to fix. You just hand them another one and they login to their accounts. Then there is virtually no down time. Plus it won't matter if they use Windows, Mac, Chromebook, iPad, &c.

Although you don't want to make it too easy. Then your boss will question why someone in IT is necessary. Rather than a tech coming out for a few hours every couple of months.

As for networking type. LAN is simply more reliable. All the traffic of fifteen computers over Wifi would really drag down network responsiveness.

Thanks for your response. Actually, I would love to make it that easy, haha. I wear a lot of hats. So, I am not worried about making my job complex to ensure job security (although the last guy did, in fact, do that).

You nailed it with the software. Besides MS Office (Access being the heaviest of the suite), and Sage 50 (basically Quickbooks), we only use ArcGIS and Adobe Photoshop / Acrobat. And there is only one other user that uses the latter two programs.

You're right about being able to just quickly handover another PC, pre-loaded with our service. And going to the cloud is the solution, as you mentioned with the software. We have a lot of files we share...thousands in storage.

Also a very valid point about 15 users bogging down the WiFi. You would have to throw in cellphones, laptops, printers, IP Cams, etc., into that mix, as well.

Thank you for presenting both sides of the argument.

 

[geofelt]

Your answer probably revolves around the need for shared data.
If each user does mostly their own thing, then individual pc's seem the way to go.

OTOH, if all need access to a single source of updated data, then a server is the way to go.

It would not be unreasonable to have a hybrid system.

As to internet access, is it possible to string Ethernet cables?

 

[King_V]

I would say I'm extremely alarmed at the prospect of a company where each employee has total control on their own work machine. That sounds like a disaster waiting to happen.

Aside from that, wired LAN will be faster and more trouble free than Wi-Fi, which will be shared and potentially bogged down, as others have ably stated earlier.

 

[jsmithepa]

The only thing I could come up with is that it was going to be much easier and less time-consuming for me, the only IT guy, to manage, update, and control every PC.

That's probably the worst argument you can give. All bosses think they own you, they don't care if you have to work 24x7, to make your job easier? he's thinking why am I paying you for?

If this is a simple enterprise, 15 users is not big and I can see why your initial proposal may looks complex and expensive to him. Cisco=expensive, MS Server=expensive.

Can't think of any enterprise where employees don't communicate with each other in a regular basis. The only argument I can put forth to your boss is, timeliness and reliability (because these can hit him in the pocket). Design based on those 2 criteria.

He may not really want a LAN-less solution, this is his starting negotiation, he wants you to come up with a couple more, cheaper, less-fancy (to him) options. And your next proposals should include option#2 (but these are the downsides) and option#3 (and the downside for this is)...... then he will tell you whether he can live with the negatives.

 

[Corwin65]

The only thing I could come up with is that it was going to be much easier and less time-consuming for me, the only IT guy, to manage, update, and control every PC.

That's probably the worst argument you can give. All bosses think they own you, they don't care if you have to work 24x7, to make your job easier? he's thinking why am I paying you for?

If this is a simple enterprise, 15 users is not big and I can see why your initial proposal may looks complex and expensive to him. Cisco=expensive, MS Server=expensive.

Can't think of any enterprise where employees don't communicate with each other in a regular basis. The only argument I can put forth to your boss is, timeliness and reliability. Design based on those 2 criteria.

Would you add security as well to your criteria?

 

[jsmithepa]

Would you add security as well to your criteria?

Depends on the type of business.

If he's running a cleaning service that only services the local town, security concern would be minimal.

The CEO of Target DOES have a major security concern.

 

[velocityg4]

Thanks for your response. Actually, I would love to make it that easy, haha. I wear a lot of hats. So, I am not worried about making my job complex to ensure job security (although the last guy did, in fact, do that).

You nailed it with the software. Besides MS Office (Access being the heaviest of the suite), and Sage 50 (basically Quickbooks), we only use ArcGIS and Adobe Photoshop / Acrobat. And there is only one other user that uses the latter two programs.

You're right about being able to just quickly handover another PC, pre-loaded with our service. And going to the cloud is the solution, as you mentioned with the software. We have a lot of files we share...thousands in storage.

Also a very valid point about 15 users bogging down the WiFi. You would have to throw in cellphones, laptops, printers, IP Cams, etc., into that mix, as well.

Thank you for presenting both sides of the argument.

You're Welcome.

It sounds as though most of the files can be shared through Office 365, Dropbox, Google Apps business and stored online. Access is quick on computers regularly connected as they sync and store a local copy. You could also go with a NAS. Although it is more of a pain connecting it to the internet, getting everyone connected, maintaining a reliable connection for everyone and securing it. Plus who is going to have more up to date and hardened security measures Google/Microsoft Cloud servers or your small business NAS and network?

The Photoshop person can also store in the cloud. Although they usually just need a backup. Not access everywhere.

If you want to keep the accounts more secure. Get everyone on a Password manager and teach them how to use it. That way they just have to know one really good but easy to remember password. While the manager takes care of all the random complex passwords. Plus use two factor authentication. Lastpass Enterprise has tools to monitor usage and manage the organizations passwords.

I'd also mention to your boss. Going with a cloud solution. Would mean that if he is at home, airport, cafe, client, &c. If he realizes he needs to look at a file. He doesn't have to try to reach someone after hours to get it emailed. He can just whip out his iPhone, Android or whatever else. Login to the cloud server and look at the file.

Most small businesses I have dealt with are moving away from Windows server. Either they just use a NAS or standard Windows desktop for file sharing or they have moved to the cloud. Often it is a mixture of the two. All the administration of a domain server, exchange server, deploying updates and accompanying licenses is too much for them. For medium and large businesses it makes sense. As they can have dedicated IT staff.