We had a customer request that we upgrade the network for their multi-tenant office environment.
We had already installed an MX64 security appliance for them a few years ago when another vendor's
firewall suddenly failed.
The customer requested that we upgrade both the wired and wireless network for all of the offices.
The property consists of 10 tenant offices and the main management office for the building.
Before the upgrade, all of the offices were on the same wired network and the wireless network
coverage was so poor that several of the office tenants had installed their own wireless routers.
The wiring closet for the property was also serving as a broom closet and the cleaning staff had
managed to knock both the power and ethernet cables loose several times.
We installed a new MS210-48FP switch in the wall mount rack in the wiring closet and installed three
new CW9162I wireless access points in the office areas to provide seamless wireless coverage.
We also installed an APC short depth Lithium-Ion Smart UPS with Smart Connect cloud management.
We needed the short depth UPS because of the short rack depth. Their was also only one power
outlet available in the closet and we needed to back up all of the network and ISP equipment with a single UPS.
We also installed some much needed cable management, although we were limited by available rack space.
One other request from the customer and their tenants was that each tenant had their own isolated wired and
wireless network VLAN that other tenants could not connect to. Each tenant would only be able to access the equipment on their VLAN and the internet. This was a perfect fit for Identity PSK without RADIUS and Group Policies. We did not use WPN because wired network clients cannot communicate with wireless clients on the same VLAN when it is implemented.
IPSK allowed us to only advertise two SSIDs (office and guest wireless) and Group Policies isolated each office's VLAN from the others. Depending on what PSK was used by each wireless client determined which VLAN that client would have access to. The wired connections in each office were configured at the switchports to determine which VLAN they would have access to. Their was also a shared conference room and this was also covered by the wireless network and the tenants could meet in it and still have access to their own office networks.
Because of the new MS210 switch and the new APs, we were also able to turn on the Secure Port feature for the network and secure the AP to switch connections with certificates to provide additional network security.
The customer and their tenants are very happy with the new wired and wireless performance and security.
The customer enjoys the fact that they can easily change the PSK for each office as tenants move in and out.
Here is the wiring closet before the upgrade.
typical wiring messspaghetti hell
Here is the wiring closet after the network upgrade was complete.
The green patch cables are analog phone lines for each office.
This will lead to a future replacement with a Cisco VOIP system and the new switch
can provide power protected PoE to the new phones.
It's amazing how some cable management and Velcro can improve the project.
cable management makes a big differenceno dangling cables to be snagged