Do I need a Router or Switch or Hub or Splitter in my new office?

Toggle sidebar Toggle sidebar
Status
Not open for further replies.
T

th3d0m

Commendable
Mar 5, 2016
4
0
1,510
Long time reader.. first time I've left my pride at the door and asked for specific help 🙂

Thank in advance for your help, and apologies for my lack of knowledge.

I work for a small 4 person company and we're moving into a new Shared Office/Coworking space next week. The office has ONE 100mb Ethernet port feeding the office (100up/100down - verified speedtest.net).

I expected to simply bring in a router - but I realized that I have been using the words router/switch and hub interchangeably.

I need to connect 6 PCs and 4 VOIP phones. What gear would you recommend?

Also, how much "speed-loss" should I expect? Obviously, I want to minimize it as much as possible.

Thanks again for your help!
Dom
 
Solution
V

The printer is on...
Sort by date Sort by votes
It depends if the port you have already has a router someplace on it. Ethernet can only go about 300ft so it there must be a device connecting to something going out of the building.

You are going to need a switch anyway because of the number of devices you need. You may want a PoE switch if you VoIP phone can run that way. It avoids the issue of the power blocks getting unplugged and stuff.

It might work with just a switch if there is a router someplace else in the building. A clue is going to be the IP address you get. If you get something like 192.168.x.x then you are getting private addresses which means a router exists. If you are getting a puiblic IP then you likely will only be allowed 1 ip and need a device to share it. If that is true you will need a router. You would then plug your switch into the router to increase the number of ports.
 
Upvote 0 Downvote
Do the VOIP phones have an ethernet port, or do they have a phone connection to a VOIP enabled device?
PCs and VOIP phones with an ethernet port just need a switch to connect them. You can pick up a 1 Gbps switch from any computer store.
Router can mean many things. When talking about an internet connection, often these devices connect to another network connection type (e.g. ADSL) as well as serving as a DHCP server and using NAT to map multiple internal IP addresses to a shared external IP address.
Putting in a router if not required will certainly make things harder because you have to configure the external interface of the router to connect to the existing network.
Plug a PC into the port, open a command prompt, and run `ipconfig /all`. You should see the allocated IP address, gateway address and DHCP server address. If these are all 192.168.X.X or 10. X.X.X addresses, you should be ok with just a switch.
 
Upvote 0 Downvote
Thank you all for the replies.

While I would like our devices to be secure (from the rest of the tenants), "setting" up a router or my own mini network is intimidating.

I am (maybe naively so) not too concerned with the other tenants maliciously attacking our stuff - they are in the same place we are, and lends itself to trusting one another.

Also, I need access to the community printer/scanner - and assume putting our own router in would make that more difficult.

I am looking for the easiest solution - which sounds like a SWITCH.

My phones - yes, they have an ethernet pass through to PC, though the new office is not POE enabled. SO I can minimize SOME of the running cabled, but not all.

Again, if I understand correctly - a Switch with enough ports should do the trick?
Thanks again!
 
Upvote 0 Downvote
Trust me, you want security from the rest of the tenant network. I'd recommend putting in a small SOHO firewall and using that as your layer 3 routing device. Something that does stateful inspection. Perhaps an ASA 5506-X or an older ASA 5505. You can find 5505's online pretty cheap. A new one costs less than $500. 5505's only have fast ethernet ports (100Mbps), so your internal LAN is limited to this speed. The 5506-X has gig ports (and a bigger price tag) so this would help with workstation-to-workstation traffic. Be warned, configuring an ASA can be a little daunting at first.

The ASA 5505 has a built in switch and 8 ports (1 has to be used for your WAN link) and it has two PoE ports. If two of your PoE devices can use power bricks, the ASA 5505 can be your only device: Firewall; router; and switch.

If you went this route, you could even use this device to be an SSL VPN termination device that your office users can use to VPN into your network when they're out of the office.

As far as speed is concerned, as long as you choose a reputable device, you won't lose speed through your internet connection. The ASA 5505 is rated for 150Mbps of statefull inspection throughput. It doesn't sound like a lot, but for a cheap firewall, it's watching all of your traffic going in and out and creating a connection table that it uses to decide wether to drop or allow traffic. In this regards, 150Mbps is plenty for you.

I am a legit network engineer for a big health care company. I do this stuff for a living but on a much larger scale. The ASA 5505 uses the same software that the larger, enterprise-class Cisco firewalls use. It has all of the same features and same command-line syntax. I use one in my own home. Private message me if you want to go this route. I can give you more advice.
 
Upvote 0 Downvote
If you are not worried about other people on the network trying to hack your devices, a switch is fine.
You'll need one port per device plus one for the network link.
If you choose a gigabit model, this will give you faster speeds between your devices, even though the link to the rest of the network is 100 Mbps.
POE uses the same cabling as any other ethernet. Typical cable used will support gigabit ethernet up to 100m (cat5e or cat6).
If your IP phones are powered by POE, it's easy enough to get a POE switch.

The current network setup will already be using network address translation. External devices on the internet can't connect through to your machines IP unless they specifically setup port forwarding rules in the router. You also have some protection on your PCs from local attacks with Windows Firewall.
An ASA would be useful where say you want to connect from another location using a VPN (secure tunnel). It also allows you to control any allowed connections from the local network. You have to set it up though. Cisco gear is notoriously difficult to configure and diagnose. I guess that supports the array of training and qualifications they offer.
If you really want to go down the firewall path, Juniper is another alternative to Cisco.
 
Upvote 0 Downvote

If one of the other tenant' PCs gets infected, it will start infecting other PCs long before that tenant is aware there's something wrong.

Off-the-shelf "cable-router" plus a switch behind it - that's all you need. Configuring a router is not that difficult, and it will provide piece of mind. Connecting a printer on the same router side (within your premises) will be the same, with or without a router.
 
Upvote 0 Downvote

The printer is on the "community" network rather than one of his devices, so this would be on the external side of the router.
A "cable-router" serves as a modem on a cable (COAX) network connection.
If he does want a hardware firewall, the external connection needs to be ethernet.
 
Upvote 0 Downvote
Solution
Status
Not open for further replies.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom