Clik here to view.
The network before GeeForce
Client stories are often humorously written and designed for the technical and non technical reader. These stories are used with the client’s permission (the names have been changed to protect the innocent).
Problem: The client, a publicly traded company, owned a building that contains their corporate offices. The building also had several other tenants but a common “IT Room”. Client asked for GeeForce to come and secure their corporate network from the other networks in the building.
What we did first: Before proposing a solution GeeForce gathered intelligence on the network and tried to identify what was there. We talked to the different business in the building to make sure we understood their requirements and networks. Geeforce brought a packet sniffer to the client location and examined the networks traffic found there. We asked about equipment we found during our walk through such as a half rack of decommissioned equipment and other IT hardware whose purpose wasn’t immediately obvious.
What we found: The network had multiple DHCP servers, there were routing loops, multiple routers, multiple access points and firewalls. The IT closet looked like a caffeinated army of monkeys went wild with CAT5 cable and wire cutters.
This was bad.
There was no security between some of the company networks. An employee could walk in and print to their printers one day and the next day all their printers “disappeared”. Some employees were able to connect to the file severs from another company but couldn’t connect to their own. Performance was hit and miss. Sometimes the internet was lightening fast and other times it was so slow that some people went home to get work done.
What we did: The first thing action item for GeeForce after we developed a plan was to have a meeting with the client and the building tenets to review the proposed solution. After drawing out the new network, we explained what it would do and asked if the plan would be a problem with the proposed solution. GeeForce is a big proponent of getting all the affected parties in the same room! After getting everyone’s agreement on the next step, we scheduled an after hours week night to make the changes.
GeeForce ended up utilizing the equipment that client already had in their inventory but merely re-purposed much of it. We also removed DSL routers, T1 routers, and access points that were no longer being used. Since nothing was labeled employees were scared to turn off a piece of equipment for fear of shutting down a tenet’s network access!
Clik here to view.
Network after GeeForce Migration
The goal was to segment the network so that each company was behind a router/firewall and each company could control what traffic they allowed into their respective networks. The client had a high powered firewall that could do 100mb/s deep packet inspection from a recent acquisition sitting in their IT room shut down.
The firewall was an un-utilized piece of equipment that became the center of the new network. After taking the firewall back to the office and bench testing it to make sure it worked, we registered it with the manufacturer for our client, and programmed it for it’s new role.
After the migration the client’s network was locked down and so were the other building tenets that had their own networks. We even went to the switch and deactivated every port on the client’s network that wasn’t in use. This prevented people from plugging into their network switch while searching for “an internet port”. All of the building tenets now had faster Internet Access and a static IP was assigned to each network to allow remote VPN access to the various corporate networks. The client received a network map and had their IT room re-worked with labels and some judicious wire management.