Planning my next SOHO network upgrade, advice?

Started by MX372, August 25, 2023, 12:28:57 AM

MX372

Hello all,

Looking for some advice for my future plans to upgrade my SOHO network. I'm not an IT professional, but I'm an experienced PC builder and have some experience with Linux and home networking (I've done all this stuff myself over the years).

So, my goals for this upgrade:

1. Implement good security for my network, beyond the basic firewall features of my cable modem and router
2. Add a NAS to the network for remote file access/file sharing and media server duty
3. Ensure the network is easily managed, expandable and future-proof as much as possible within my budget
4. Implement some type of (preferably automated) backup solution

Currently, my main desktop running Arch has all my files on the 4 HDDs (all mismatched capacities - 3TB to 8TB) I have installed for data storage. As one can imagine, this means I only have access to my files when I have physical access to my desktop (I do not leave my PC on when I'm not using it). I have a total of around 12 TB of data. I do not currently have a backup schedule and have very limited backups of said data (most of the really important stuff has been burned to BR discs and some stuff is copied to an external 4 TB USB drive). I also have a networked printer and multiple other devices on my network, such as TVs, game consoles, laptops, tablets/phones from time to time, etc.

I'm looking at stuff like TrueNAS, Synology, QNAP, FreeNAS, etc. for the storage solution, but I'm kinda inclined to stick with a DIY hardware solution and open-source software over Synology/QNAP. I have an older mITX system I could convert to a NAS I think, but was looking for thoughts on the hardware and if it was "good enough": Intel i5-4690K w/16 GB RAM on something like an H81-series mobo (I think). I'll have to double-check the mobo specs for sure, as it might not even have GbE ethernet onboard. I'm also upgrading my current desktop from an R5-3600 to an R9-3900X, so I could use the 3600 instead.

Since my ISP connection is only 1 GbE, I don't need to have any hardware that supports 2.5 GbE or higher, but if it makes sense, I'd like to use 2.5 GbE equipment for anything I have to purchase new for my network, and use the existing stuff I have until it makes sense to upgrade it. Everything I have as far as switches, routers and modems supports 1 GbE.

I also figure I should build a firewall device (or purchase one); something a little better than the built-in stuff in my router and cable modem. Not sure if I should be planning to run stuff in a VM or not....

So at this point I'm basically researching stuff and taking notes in an effort to educate myself before pulling the trigger on anything. I made a physical network map today so that I can see exactly what I have on my network and how everything is currently connected. It's not ideal, I'll tell you that - it certainly wasn't "planned" but rather slapped together as needs arose. Something I wish to "fix".

Any advice on hardware, specific networking equipment (or even chipsets, i.e. Realtek vs. Intel), firewall devices, NAS devices, drives, switches, routers, or software (pfSense, Proxmox, TrueNAS, etc.) is greatly appreciated. Thanks!

deanwebb

The firewall capabilities of home mesh wifi systems have gotten to be really good; they do a good job of keeping out probes and scans that make it past the ISP firewall, should that happen. Home wifi, however, won't hit Gb speeds as far as I know.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Any questions? No questions! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

MX372

Thanks for the info.

I should have been more clear maybe: everything in my network will be wired, except mobile devices (cellphones, tablets and laptops). I expect those devices to be slower on Wi-Fi anyway, no big deal.

I have Spectrum. My current internet speeds are about 430Mbps down/23Mbps up, so having everything in my network running 1GbE speeds should last for a while, but where I can, I'll use 2.5GbE equipment for future proofing (or if I move!).

I'm continuing to research equipment and software, but since I'm a DIY kinda guy, I'll likely build as much of it as I can myself. Only my cable modem and WIFI router, and a switch or two, will be off the shelf stuff. So, off to do more research! Any advice on switches would be great! Thanks.

deanwebb

What's your budget like for the firewall piece? There are some solid SOHO entries under $1000, but mostly in the neighborhood of several hundred.

icecream-guy

Quote from: deanwebb on August 28, 2023, 02:06:22 PM
What's your budget like for the firewall piece? There are some solid SOHO entries under $1000, but mostly in the neighborhood of several hundred.

Which ones are you talking about? I've found a SonicWall; the TZ270 is about 500 plus licensing, which runs about $500 a year. Cisco 1000 are about 700; I didn't check on licensing or support for those. The Sophos XGS *7 run about 500 also; not sure about licensing there either.

My Moral Fibers have been cut.