There are many benefits to creating a VLAN. The speed of the network is increased when you set up a VLAN because; you are reducing the size if the collision domains. Using a VLAN will help make the network more manageable. You can even configure devices from one place when the devices are in different locations. When you use a VLAN you are free from physical topology. Using a VLAN allows one to have workgroups in different physical locations logically connect inside one broadcast domain.
A VLAN can provide additional security. Because the company is using switches data is only sent to the intended recipients. The server will only send information to its assigned domain. This will allow the administrators to separate resources by group.
The company network will set up a broadcast domain for each group of employees. In example engineers will have their own domain as will the call center employees. The different node on the switch can be configured to allow 2 domains on one floor. This way when the call center expands the network can already be configured for them.
To improve security all sensitive information will be in a separate domain. You can monitor an individual port and only watch traffic that passes through that port. If you notice a security threat at one particular port then it can be closely monitored. The company should use 4 layer switches so they can configure individual ports.
The type of VLAN membership that should be used is a port address membership. This is the most secure because; you can configure individual ports. Since the company wants improved security and improved network efficiency this is the best choice. The ports can be configured before they move some of the employees to a different location. MAC address membership is very difficult to manage. User ID is also hard to set up and configure. The network address membership is like MAC address because; DHCP cannot be used when using those types of memberships.
I would recommend the company using a four layer switch. This will improve on security and keep the network running faster. A layer three switch is good but, it does not provide additional security. Layer 4 switches can control traffic down to each individual port number. A layer 2 switch would not meet the security needs of the bandwidth needs of the company.
There are three different types of trunking that can be configured on a switch. The first is server mode which is the default setting on all switches. Server mode allows you to use a switch to add, delete, and modify a VLAN. Client mode only receives changed VLAN information and can not change it. Transport mode will pass updated VLAN information to other switches but, will not absorb that information for it self.
The reason we use VTP is because; it makes sure all the switches communicate VLAN information to each other. VTP makes sure switches in a VLAN have updated information. The benefit of using VTP is that if you need to make changes to multiple switches at once you can.
The VTP mode used to configure switches is server mode. Sever mode needs to be set on at least one of the switches so VLAN domain information can be changed. Once the information is changed it will then broadcast that information to all switches.
For backup I recommend the company use an alternate site. If the company has enough funds allocated for backup and recovery they should use a hot site. A hot site will provide all the back up and recovery needs for the company. If that is not an option then they can use external hard drives for backup. Once the information has been backed up the hard drive can be locked up in a fire proof safe. I recommend that the company should perform differential backup every week. The differential backup will be done on a separate external hard drive then the full backup. The differential backup will only save files that have the archive attribute on. Because it only saves the new files and updated files it is the quickest way. This kind of backup does not turn off the archive file attribute. This is good for when we go to perform our full backup.
I recommend that once a month the company should perform a full backup. When you do a full backup the archive file attribute is turned off. If a hard drive fails in week one you can use the full backup to recover last month’s files and the differential backup to update the week’s progress. The hard drives should still be checked periodically to make sure they still work.