The MXN-Proposed Network Solution

2021-11-09T16:57:36-05:00

If you have read the previous resource on network features, you know what’s coming next, and you are right—we here propose a network product lineup that hews to the earlier design guidelines.

We assume here that while you still need to support EAST-WEST traffic such as IP telephony, overhead paging, and connections to overhead projectors and wireless smart boards, you primarily need to support NORTH-SOUTH Internet access for students, teachers, and administrators. This means that the switched network primarily exists to join the wireless edge to the Internet. Building ever more capacity and features to outrun your Internet connections, or to support and protect a lot of lateral traffic, is wasted money and builds in complexity that increases your management effort and just doesn’t need to be there. Most of your network connections (with Chromebooks or other student devices, and your move to a one-to-one model) are now wireless, and the percentage of network connections that are wireless will only continue to grow. Wireless flexibility and capacity are important now, and will only get more important over the next several years. We also assume that cybersecurity is now a big issue, and one that is likely to loom larger over the next several years.

We therefore propose the following network design (which, by the way, works wonderfully well):

School core network. We propose the use of a FortiSwitch 524D as the Layer 3 school core switch. This switch comes with 24 gigabit copper ports, four SFP+ ports, and two QSFP 40 gigabit Ethernet ports. This switch provides up to twelve SFP+ ports, or eight SFP+ ports and one 40 gigabit Ethernet port. It has the capacity to drive all ports, full Layer 3, at wire speed. It is mostly used to aggregate IDF connections over backbone fiber, but it also can downlink to a local Layer 2 PoE switch at 10 gigabit speeds through a local DAC. One $2,450 Layer 3 switch is sufficient for most schools with fewer than eight to ten wiring closets.

If more 10 gigabit ports are needed at the cores of much larger schools, two 524D switches can be joined together into one virtual switch and connected with one 40 GBPS copper connection, providing sixteen total SFP+ connections. If even more 10 gigabit connections are needed, a single 24-port SFP+ Layer 3 stackable switch with twenty-four SFP+ connections can be substituted.

School edge wired network. We propose to keep the wireless edge as simple as possible, since there is no need to do lateral routing inside IDFs, and most traffic goes directly to the school core switch. We therefore propose the FortiSwitch 124F-FPOE and 148F-FPOE switches to make up the rest of the network. These switches provide 24 or 48 wire-speed gigabit copper PoE ports, with a power budget that provides an average of 15.4 watts per port or a full 30.8 watts per port on half of the ports. Each switch has four wire-speed 10 gigabit uplink ports. All ports are on the front of the switch for downlinking, uplinking or stacking.

The 24-port PoE switch costs about $775 and the 48-port PoE switch costs about $1,215; both come with lifetime warranties.

Both these switches also can automatically block peer-to-peer connections, which eliminates the lateral spread of malware and other infections.

These switches are managed from the cloud with a fully E-ratable management application that includes software support and upgrades.

The switches can also be integrated into a security fabric that allows a one-click quarantine of any hacker or bad actor discovered by the central security application. This is a feature that cannot be found anywhere else.

School edge wireless network. Here’s where it gets very special. We propose two types of 802.11ax wireless access points (lower capacity and high capacity) for the wireless edge inside schools. Both access points have the latest chipsets and both access points have three payload radios. Having three radios means that you can do interesting design things to provide more coverage, provide more capacity, support wireless IoT devices on a separate radio, provide more edge security through separating traffic into different VLANs, or more easily accommodate changes in client radios as they move to 5 GHz. Both radios also have AirTime Fairness, a patented suite of algorithms for optimizing each client’s experience on any available radio, no matter what their individual adapter capabilities are.

The lower capacity U231F access point is suitable for classroom and office area use. It has one 5 GHz higher-capacity radio, one 2.4 GHz higher-capacity radio and a third lower-capacity radio that can be switched to either 5 GHz or 2.4 GHz, depending on need. If you already have one access point per classroom, you can unplug that existing access point, plug in this new one, serve the classroom and adjacent areas like halls and utility rooms, and forget wireless capacity and adaptability issues for years. Its 3 GBPS’ worth of front-side capacity will support well over 100 simultaneous active sessions and can saturate one of its two gigabit Ethernet uplinks. This access point costs about $355 and comes with a free lifetime hardware warranty.

Areas like cafeterias, media centers and gyms require higher capacity, and there is a higher-capacity U431F access point to provide service. It also has three radios, and all three can be set to 5 GHz to maximize front-side capacity and minimize co-channel interference for lots of simultaneous users. It has almost 10 GBPS’ worth of front-side capacity, can support 200 or more simultaneous stable sessions, and can saturate its 3.5 GBPS worth of back-side uplink capacity (in general use, two gigabit Ethernet uplinks to a gigabit Layer 2 switch). Using mostly 5 GHz and taking advantage of their 23 non-overlapping channels means that multiple access points can be placed close together to provide extremely high-capacity service. You can support over a thousand simultaneous, stable sessions in one place with just over $3,000 worth of access points (yes, this very high-end access point costs about $610, with its free lifetime hardware warranty).

There is also a medium-capacity 802.11ax-compliant, two-radio outdoor access point. This access point has the front-end wireless capacity in its one 5 GHz and one 2.4 GHz radio to saturate one of its two gigabit Ethernet uplinks. It costs about $650 and comes with a lifetime free hardware warranty. Pairs of this radio can also be used to make a wireless bridge between two buildings.

All these access points also can automatically block peer-to-peer connections, which eliminates the lateral spread of malware and other infections.

They are managed from the cloud with the same fully E-ratable management application that includes software support and upgrades.

The access points can also be integrated into a security fabric that allows a one-click quarantine of any hacker or bad actor discovered by the central security application. This is a feature that cannot be found anywhere else.

(ASIDE: it is increasingly likely that the Schools and Libraries Division will make cyber security products E-ratable, if not this year, then the next one, and you can then add that security application to this network for very little cost. That’s yet another advantage, besides ease of management, high capacity and low cost.)

Put up, or shut up? But what does this cost? Here’s the estimated total cost of a new network for a typical school, using this hardware and assuming that you need a new network to provide high-capacity, wireless wall-to-wall coverage and support the attachment of 200 other devices like IP phones, printers, smartboards, IP cameras, deskside PCs and overhead paging systems.

We assume this school has 40 classrooms, two dedicated office areas, 1000 students, one hundred teachers and administrative staff, and four high-capacity areas (gym, cafeteria, media center, and common area) that each need to serve at least 200 wireless clients. We assume one MDF and four IDFs; the MDF and three of the four IDFs serve the classrooms. We assume an even distribution of 180 of the 200 wired devices over the MDF and the three IDFs that also serve the classrooms. We assume 10 GBPS Ethernet connections between the four IDFs and the one MDF. We assume one 10 GBPS connection to the school system WAN…a typical WAN connection.

Here’s the total bill of material:

  • One 524D Layer 3 core switch with eight active SFP+ ports
  • Four 148F-FPOE Layer 2 switches
  • Five 124F-FPOE Layer 2 switches
  • Four 1 meter DAC
  • One 3 meter DAC
  • Nine SFP+ SR optics for multimode cable (OM1, 3 or 3)
  • Eight U431F high-capacity wireless access points
  • Forty-two U231F medium-capacity wireless access points
  • One 234F medium-capacity outdoor wireless access point
  • Fifty-one cloud management licenses for wireless access points for five years
  • Nine cloud management licenses for 100-level switches for five years
  • One cloud management license for the core switch for five years

Total hardware and five year support cost: $50,000

Here’s the implementation cost, assuming we remove-and-replace the existing old access points (one in each classroom and office area, two in each high-capacity area, and one external access point) and then install a second network drop to the eight existing access point locations in the high-capacity areas. We remove and replace all network switches. We use the existing wire and fiber network cabling (Cat 5e or better, and multimode fiber), use the existing termination panels, and provide new fiber jumper cables.

Total installation and configuration cost: $8,180

Total installed cost, with five years’ support: $58,180

Send an email to sales@mxncorp.com if you’d like to know more.